CVE-2023-38545
Description
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxyhandshake.When curl is asked to pass along the host name to the SOCKS5 proxy to allowthat to resolve the address instead of it getting done by curl itself, themaximum length that host name can be is 255 bytes.If the host name is detected to be longer, curl switches to local nameresolving and instead passes on the resolved address only. Due to this bug,the local variable that means let the host resolve the name could get thewrong value during a slow SOCKS5 handshake, and contrary to the intention,copy the too long host name to the target buffer instead of copying just theresolved address there.The target buffer being a heap based buffer, and the host name coming from theURL that curl has been told to operate with.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
26.747
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2023-38545 are fixed in Curl For Windows 8.4.0 | Windows |
| Windows Scripting Engine Memory Corruption Vulnerability for Windows 11 for x64-based Systems (KB5032192) | Windows |
| Windows Scripting Engine Memory Corruption Vulnerability for Windows 11 for ARM64-based Systems (KB5032192) | Windows |
| Windows Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1809 for x86-based Systems (KB5032196) | Windows |
| Windows Scripting Engine Memory Corruption Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB5032196) | Windows |
| Windows Scripting Engine Memory Corruption Vulnerability for Windows Server 2019 for x64-based Systems (KB5032196) | Windows |
| Windows Scripting Engine Memory Corruption Vulnerability for Microsoft server operating system version 21H2 for x64-based Systems (KB5032198) | Windows |
| Microsoft Outlook Spoofing Vulnerability for Office 2019 for x64 1808 of volume version(10412.20006) | Windows |
| Microsoft Outlook Spoofing Vulnerability for Office 2019 for x64 1808 of volume version(10412.20006) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Office 2019 for x86 1808 of volume version(10412.20006) | Windows |
| Update for Office 2019 for x86 1808 of volume version(10412.20006) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Office 2021 for x64 2108 of volume version(14332.20736) | Windows |
| Update for Office 2021 for x64 2108 of volume version(14332.20736) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Office 2021 for x86 2108 of volume version(14332.20736) | Windows |
| Update for Office 2021 for x86 2108 of volume version(14332.20736) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2402 of version(17328.20452) | Windows |
| Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2402 of version(17328.20452) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2402 of version(17328.20452) | Windows |
| Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2402 of version(17328.20452) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2402 of version(17328.20452) | Windows |
| Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2402 of version(17328.20452) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2402 of version(17328.20452) | Windows |
| Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2402 of version(17328.20452) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x64 2402 of version(17328.20452) | Windows |
| Update for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x64 2402 of version(17328.20452) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x86 2402 of version(17328.20452) | Windows |
| Update for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x86 2402 of version(17328.20452) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Monthly Enterprise Channel for x64 2405 of version(17628.20188) | Windows |
| Update for Microsoft 365 Apps for Monthly Enterprise Channel for x64 2405 of version(17628.20188) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Monthly Enterprise Channel for x86 version 2405 (17628.20188) | Windows |
| Update for Microsoft 365 Apps for Monthly Enterprise Channel for x86 version 2405 (17628.20188) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Business Monthly Enterprise Channel for x64 2405 of version(17628.20188) | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Business Monthly Enterprise Channel for x86 version 2405 (17628.20188) | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Business Current Channel for x64 2406 of version(17726.20160) | Windows |
| Update for Microsoft 365 Apps for Business Current Channel for x64 2406 of version(17726.20160) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Business Current Channel for x86 2406 of version(17726.20160) | Windows |
| Update for Microsoft 365 Apps for Business Current Channel for x86 2406 of version(17726.20160) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x64 2406 of version(17726.20160) | Windows |
| Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2406 of version(17726.20160) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x86 2406 of version(17726.20160) | Windows |
| Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2406 of version(17726.20160) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Office 2019 for x64 2406 Retail Version (17726.20160) | Windows |
| Update for Office 2019 for x64 2406 Retail Version (17726.20160) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Office 2019 for x86 2406 Retail Version (17726.20160) | Windows |
| Update for Office 2019 for x86 2406 Retail Version (17726.20160) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Office 2021 for x64 2406 of Retail Version(17726.20160) | Windows |
| Update for Office 2021 for x64 2406 of Retail Version(17726.20160) For Home Edition | Windows |
| Microsoft Outlook Spoofing Vulnerability for Office 2021 for x86 2406 of Retail Version(17726.20160) | Windows |
| Update for Office 2021 for x86 2406 of Retail Version(17726.20160) For Home Edition | Windows |
| Vulnerabilities CVE-2023-22028,CVE-2023-22084,CVE-2023-38545 are affected in Mysql 5.7.43 | Windows |
| Multiple vulnerabilities are affected in Mysql 8.0.34 | Windows |
| Multiple vulnerabilities are affected in Mysql 8.1.0 | Windows |
| Vulnerabilities CVE-2023-38545,CVE-2023-38546,CVE-2023-42915 are affected in Curl For Windows 8.3.9 | Windows |
| Vulnerabilities CVE-2023-38546,CVE-2023-38545 are fixed in Curl For Windows 8.4.0 | Windows |
| Multiple vulnerabilities are fixed in Couchbase Server Enterprise Edition 7.2.4 | Windows |
| Multiple Vulnerabilities are affected in Netapp Active Iq Unified Manager 2.3 | Windows |
| Multiple Vulnerabilities are affected in Netapp Oncommand Insight 2.3 | Windows |
| Multiple vulnerabilities are affected in Oracle HTTP Server 12.2.1.4.0 | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.59 | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.60 | Windows |
| Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.61 | Windows |
| Multiple Vulnerabilities are affected in Netapp Oncommand Workflow Automation 2.3 | Windows |
| Multiple Vulnerabilities are affected in IBM App Connect Enterprise 12.0.10.0 | Windows |
| Microsoft Outlook Spoofing Vulnerability for Office 2016 for x86 2406 Retail Version (17726.20160) | Windows |
| Microsoft Outlook Spoofing Vulnerability for Office 2016 for x64 2406 Retail Version (17726.20160) | Windows |
| Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6.4 (Software Update) - AutoReboot (CVE-2024-23222) | Mac |
| Multiple vulnerabilities are fixed in Mac OS - Monterey 12.7.3 (Software Update) - (AutoReboot)(CVE-2024-23222) | Mac |
| Multiple vulnerabilities are fixed in Mac OS - Sonoma 14.2 (Software Update) - AutoReboot | Mac |
| Multiple vulnerabilities are fixed in Mac OS - Sonoma 14.2.1 (Software Update) - AutoReboot (CVE-2023-42940) | Mac |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) curl_7.88.1-8ubuntu2.3_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) curl_7.88.1-8ubuntu2.3_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) curl_7.68.0-1ubuntu2.20_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) curl_7.68.0-1ubuntu2.20_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) curl_7.81.0-1ubuntu1.14_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) curl_7.81.0-1ubuntu1.14_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl4_7.88.1-8ubuntu2.3_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl4_7.88.1-8ubuntu2.3_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl4_7.68.0-1ubuntu2.20_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl4_7.68.0-1ubuntu2.20_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl4_7.81.0-1ubuntu1.14_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl4_7.81.0-1ubuntu1.14_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-nss_7.88.1-8ubuntu2.3_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-nss_7.88.1-8ubuntu2.3_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-nss_7.68.0-1ubuntu2.20_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-nss_7.68.0-1ubuntu2.20_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-nss_7.81.0-1ubuntu1.14_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-nss_7.81.0-1ubuntu1.14_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-gnutls_7.88.1-8ubuntu2.3_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-gnutls_7.88.1-8ubuntu2.3_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-gnutls_7.68.0-1ubuntu2.20_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-gnutls_7.68.0-1ubuntu2.20_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-gnutls_7.81.0-1ubuntu1.14_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-1) libcurl3-gnutls_7.81.0-1ubuntu1.14_amd64.deb | Linux |
| curl security update(DSA-5523-1) curl_7.88.1-10+deb12u4_amd64.deb | Linux |
| curl security update(DSA-5523-1) curl_7.74.0-1.3+deb11u10_amd64.deb | Linux |
| SUSE-SU-2023:4043-1(SUSE Linux Enterprise Server 12 SP5 ) curl-8.0.1-11.74.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4043-1(SUSE Linux Enterprise Server 12 SP5 ) curl-debuginfo-8.0.1-11.74.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4043-1(SUSE Linux Enterprise Server 12 SP5 ) curl-debugsource-8.0.1-11.74.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4043-1(SUSE Linux Enterprise Server 12 SP5 ) libcurl4-8.0.1-11.74.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4043-1(SUSE Linux Enterprise Server 12 SP5 ) libcurl4-32bit-8.0.1-11.74.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4043-1(SUSE Linux Enterprise Server 12 SP5 ) libcurl4-debuginfo-8.0.1-11.74.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4043-1(SUSE Linux Enterprise Server 12 SP5 ) libcurl4-debuginfo-32bit-8.0.1-11.74.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP4 ) curl-8.0.1-150400.5.32.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP4 ) curl-debuginfo-8.0.1-150400.5.32.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP4 ) curl-debugsource-8.0.1-150400.5.32.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP4 ) libcurl-devel-8.0.1-150400.5.32.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP4 ) libcurl4-8.0.1-150400.5.32.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP4 ) libcurl4-32bit-8.0.1-150400.5.32.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP4 ) libcurl4-32bit-debuginfo-8.0.1-150400.5.32.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP4 ) libcurl4-debuginfo-8.0.1-150400.5.32.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP5 ) curl-8.0.1-150400.5.32.1.x86_64_15_SP5.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP5 ) curl-debuginfo-8.0.1-150400.5.32.1.x86_64_15_SP5.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP5 ) curl-debugsource-8.0.1-150400.5.32.1.x86_64_15_SP5.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP5 ) libcurl-devel-8.0.1-150400.5.32.1.x86_64_15_SP5.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP5 ) libcurl4-8.0.1-150400.5.32.1.x86_64_15_SP5.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP5 ) libcurl4-32bit-8.0.1-150400.5.32.1.x86_64_15_SP5.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP5 ) libcurl4-32bit-debuginfo-8.0.1-150400.5.32.1.x86_64_15_SP5.rpm | Linux |
| SUSE-SU-2023:4044-1(Basesystem Module 15-SP5 ) libcurl4-debuginfo-8.0.1-150400.5.32.1.x86_64_15_SP5.rpm | Linux |
| SUSE-SU-2023:4055-1(Server Applications Module 15-SP4 ) xen-4.16.5_06-150400.4.37.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4055-1(Basesystem Module 15-SP4 ) xen-debugsource-4.16.5_06-150400.4.37.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4055-1(Server Applications Module 15-SP4 ) xen-devel-4.16.5_06-150400.4.37.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4055-1(Basesystem Module 15-SP4 ) xen-libs-4.16.5_06-150400.4.37.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4055-1(Basesystem Module 15-SP4 ) xen-libs-debuginfo-4.16.5_06-150400.4.37.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4055-1(Server Applications Module 15-SP4 ) xen-tools-4.16.5_06-150400.4.37.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4055-1(Server Applications Module 15-SP4 ) xen-tools-debuginfo-4.16.5_06-150400.4.37.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4055-1(Basesystem Module 15-SP4 ) xen-tools-domU-4.16.5_06-150400.4.37.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4055-1(Basesystem Module 15-SP4 ) xen-tools-domU-debuginfo-4.16.5_06-150400.4.37.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4055-1(Server Applications Module 15-SP4 ) xen-tools-xendomains-wait-disk-4.16.5_06-150400.4.37.1.noarch.rpm | Linux |
| Curl update (ELSA-2023-5763) curl-7.76.1-23.el9_2.4.x86_64.rpm | Linux |
| Curl-minimal update (ELSA-2023-5763) curl-minimal-7.76.1-23.el9_2.4.x86_64.rpm | Linux |
| Libcurl update (ELSA-2023-5763) libcurl-7.76.1-23.el9_2.4.i686.rpm | Linux |
| Libcurl update (ELSA-2023-5763) libcurl-7.76.1-23.el9_2.4.x86_64.rpm | Linux |
| Libcurl-devel update (ELSA-2023-5763) libcurl-devel-7.76.1-23.el9_2.4.i686.rpm | Linux |
| Libcurl-devel update (ELSA-2023-5763) libcurl-devel-7.76.1-23.el9_2.4.x86_64.rpm | Linux |
| Libcurl-minimal update (ELSA-2023-5763) libcurl-minimal-7.76.1-23.el9_2.4.i686.rpm | Linux |
| Libcurl-minimal update (ELSA-2023-5763) libcurl-minimal-7.76.1-23.el9_2.4.x86_64.rpm | Linux |
| Curl update (ELSA-2023-6745) curl-7.76.1-26.el9_3.2.x86_64.rpm | Linux |
| Curl-minimal update (ELSA-2023-6745) curl-minimal-7.76.1-26.el9_3.2.x86_64.rpm | Linux |
| Libcurl update (ELSA-2023-6745) libcurl-7.76.1-26.el9_3.2.i686.rpm | Linux |
| Libcurl update (ELSA-2023-6745) libcurl-7.76.1-26.el9_3.2.x86_64.rpm | Linux |
| Libcurl-devel update (ELSA-2023-6745) libcurl-devel-7.76.1-26.el9_3.2.i686.rpm | Linux |
| Libcurl-devel update (ELSA-2023-6745) libcurl-devel-7.76.1-26.el9_3.2.x86_64.rpm | Linux |
| Libcurl-minimal update (ELSA-2023-6745) libcurl-minimal-7.76.1-26.el9_3.2.i686.rpm | Linux |
| Libcurl-minimal update (ELSA-2023-6745) libcurl-minimal-7.76.1-26.el9_3.2.x86_64.rpm | Linux |
| SUSE-SU-2023:4089-1(Basesystem Module 15-SP4 ) opensc-0.22.0-150400.3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4089-1(Basesystem Module 15-SP5 ) opensc-0.22.0-150400.3.6.1.x86_64_15_SP5.rpm | Linux |
| SUSE-SU-2023:4089-1(Basesystem Module 15-SP4 ) opensc-debuginfo-0.22.0-150400.3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4089-1(Basesystem Module 15-SP5 ) opensc-debuginfo-0.22.0-150400.3.6.1.x86_64_15_SP5.rpm | Linux |
| SUSE-SU-2023:4089-1(Basesystem Module 15-SP4 ) opensc-debugsource-0.22.0-150400.3.6.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4089-1(Basesystem Module 15-SP5 ) opensc-debugsource-0.22.0-150400.3.6.1.x86_64_15_SP5.rpm | Linux |
| curl update (TU-CESAS-0004) curl-7.61.1-31.el8.x86_64.rpm | Linux |
| curl update (TU-CESAS-0004) curl-7.76.1-28.el9.x86_64.rpm | Linux |
| bind update (TU-CESAS-0004) bind-sdb-9.11.36-9.el8.x86_64.rpm | Linux |
| bind update (TU-CESAS-0004) bind-export-libs-9.11.36-9.el8.i686.rpm | Linux |
| bind update (TU-CESAS-0004) bind-export-libs-9.11.36-9.el8.x86_64.rpm | Linux |
| bind update (TU-CESAS-0004) bind-export-devel-9.11.36-9.el8.i686.rpm | Linux |
| bind update (TU-CESAS-0004) bind-export-devel-9.11.36-9.el8.x86_64.rpm | Linux |
| bind update (TU-CESAS-0004) bind-pkcs11-utils-9.11.36-9.el8.x86_64.rpm | Linux |
| nss update (TU-CESAS-0020) nss-tools-3.90.0-4.el8.x86_64.rpm | Linux |
| nss update (TU-CESAS-0020) nss-softokn-3.90.0-4.el8.i686.rpm | Linux |
| nss update (TU-CESAS-0020) nss-softokn-3.90.0-4.el8.x86_64.rpm | Linux |
| nss update (TU-CESAS-0020) nss-sysinit-3.90.0-4.el8.x86_64.rpm | Linux |
| curl update (TU-CESAS-0020) curl-minimal-7.76.1-28.el9.x86_64.rpm | Linux |
| perl update (TU-CESAS-0020) perl-HTTP-Tiny-0.074-2.el8.noarch.rpm | Linux |
| python3.11 update (TU-CESAS-0020) python3.11-pip-22.3.1-4.el8.noarch.rpm | Linux |
| ghostscript update (TU-CESAS-0020) ghostscript-doc-9.54.0-13.el9.noarch.rpm | Linux |
| python3.11 update (TU-CESAS-0020) python3.11-pip-wheel-22.3.1-4.el8.noarch.rpm | Linux |
| ghostscript update (TU-CESAS-0020) ghostscript-tools-fonts-9.54.0-13.el9.x86_64.rpm | Linux |
| ghostscript update (TU-CESAS-0020) ghostscript-tools-dvipdf-9.54.0-13.el9.x86_64.rpm | Linux |
| ghostscript update (TU-CESAS-0020) ghostscript-tools-printing-9.54.0-13.el9.x86_64.rpm | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-3) curl_8.2.1-1ubuntu3.1_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-3) curl_8.2.1-1ubuntu3.1_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-3) libcurl4_8.2.1-1ubuntu3.1_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-3) libcurl4_8.2.1-1ubuntu3.1_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-3) libcurl3-nss_8.2.1-1ubuntu3.1_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-3) libcurl3-nss_8.2.1-1ubuntu3.1_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-3) libcurl3-gnutls_8.2.1-1ubuntu3.1_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-6429-3) libcurl3-gnutls_8.2.1-1ubuntu3.1_amd64.deb | Linux |
| libcurl update (CESAS-2024-0068) libcurl-devel-7.76.1-29.el9.i686.rpm | Linux |
| libcurl update (CESAS-2024-0068) libcurl-devel-7.76.1-29.el9.x86_64.rpm | Linux |
| curl update (TU-CESAS-0004) curl-7.76.1-29.el9.x86_64.rpm | Linux |
| curl update (TU-CESAS-0020) curl-minimal-7.76.1-29.el9.x86_64.rpm | Linux |
| Out-of-bounds Write Vulnerability (CVE-2023-38545) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-37614 | 2023-11 Cumulative Update for Windows 11 for x64-based Systems (KB5032192) (CVE-2023-36036) (CVE-2023-36025) (CVE-2023-36033) |
| PATCH-37602 | 2023-11 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5032196) (CVE-2023-36036) (CVE-2023-36025) (CVE-2023-36033) |
| PATCH-37603 | 2023-11 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5032196) (CVE-2023-36036) (CVE-2023-36025) (CVE-2023-36033) |
| PATCH-37604 | 2023-11 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5032196) (CVE-2023-36036) (CVE-2023-36025) (CVE-2023-36033) |
| PATCH-37601 | 2023-11 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5032198) (CVE-2023-36036) (CVE-2023-36025) (CVE-2023-36033) |
| PATCH-39362 | Update for Office 2019 for x64 1808 of volume version(10412.20006) |
| PATCH-39364 | Update for Office 2019 for x86 1808 of volume version(10412.20006) |
| PATCH-39370 | Update for Office 2021 for x64 2108 of volume version(14332.20736) |
| PATCH-39372 | Update for Office 2021 for x86 2108 of volume version(14332.20736) |
| PATCH-39350 | Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2402 of version(17328.20452) |
| PATCH-39352 | Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2402 of version(17328.20452) |
| PATCH-39354 | Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2402 of version(17328.20452) |
| PATCH-39356 | Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2402 of version(17328.20452) |
| PATCH-39358 | Update for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x64 2402 of version(17328.20452) |
| PATCH-39360 | Update for Microsoft 365 Apps for Enterprise Semi Annual Preview Channel for x86 2402 of version(17328.20452) |
| PATCH-39342 | Update for Microsoft 365 Apps for Monthly Enterprise Channel for x64 2405 of version(17628.20188) |
| PATCH-39344 | Update for Microsoft 365 Apps for Monthly Enterprise Channel for x86 version 2405 (17628.20188) |
| PATCH-39346 | Update for Microsoft 365 Apps for Business Monthly Enterprise Channel for x64 2405 of version(17628.20188) |
| PATCH-39348 | Update for Microsoft 365 Apps for Business Monthly Enterprise Channel for x86 version 2405 (17628.20188) |
| PATCH-39334 | Update for Microsoft 365 Apps for Business Current Channel for x64 2406 of version(17726.20160) |
| PATCH-39336 | Update for Microsoft 365 Apps for Business Current Channel for x86 2406 of version(17726.20160) |
| PATCH-39338 | Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2406 of version(17726.20160) |
| PATCH-39340 | Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2406 of version(17726.20160) |
| PATCH-39366 | Update for Office 2019 for x64 2406 Retail Version (17726.20160) |
| PATCH-39368 | Update for Office 2019 for x86 2406 Retail Version (17726.20160) |
| PATCH-39374 | Update for Office 2021 for x64 2406 of Retail Version(17726.20160) |
| PATCH-39376 | Update for Office 2021 for x86 2406 of Retail Version(17726.20160) |
| PATCH-611601 | Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only) |
| PATCH-608134 | Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877) |
| PATCH-609043 | Mac OS - Sonoma 14.7.1 (Software Update) - AutoReboot (Deployment-Only) |
| PATCH-609043 | Mac OS - Sonoma 14.7.1 (Software Update) - AutoReboot (Deployment-Only) |
| PATCH-39417 | Update for Office 2016 for x86 2406 Retail Version (17726.20160) |
| PATCH-39419 | Update for Office 2016 for x64 2406 Retail Version (17726.20160) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234