curl: Multiple Vulnerabilities
Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution.
curl
2023-10-11
2023-10-11
887745
894676
902801
906590
910564
914091
915195
remote
8.3.0-r2
8.3.0-r2
A command line tool and library for transferring data with URLs.
Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
Note that the risk of remote code execution is limited to SOCKS usage.
There is no known workaround at this time.
All curl users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/curl-8.3.0-r2"
CVE-2022-43551
CVE-2022-43552
CVE-2023-23914
CVE-2023-23915
CVE-2023-23916
CVE-2023-27533
CVE-2023-27534
CVE-2023-27535
CVE-2023-27536
CVE-2023-27537
CVE-2023-27538
CVE-2023-28319
CVE-2023-28320
CVE-2023-28321
CVE-2023-28322
CVE-2023-32001
CVE-2023-38039
CVE-2023-38545
CVE-2023-38546
sam
sam