CVE-2023-38546 log

Severity Low
Remote Yes
Type Content spoofing
A logic flaw has been found in cURL before 8.4.0, which allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met.
Group Package Affected Fixed Severity Status Ticket
AVG-2846 lib32-curl, lib32-libcurl-compat, lib32-libcurl-gnutls 8.3.0-1 8.4.0-1 High Fixed
AVG-2845 curl, libcurl-compat, libcurl-gnutls 8.3.0-1 8.4.0-1 High Fixed