We are aware of a critical security vulnerability, CVE-2023-38545, in the widely-used data transfer tool, curl, and its library, libcurl. Rest assured, we are actively working to identify services utilizing curl in our infrastructure and have taken the following steps: What’s the Issue?: A high-severity vulnerability in curl. Why It Matters: This is a severe issue with a high probability of impacting multiple systems. Preparation: We are actively monitoring the situation and utilizing SBOM to identify affected services and products. Action Taken: Curl have advised a security patch is scheduled to be released on October 11.
Your security is our priority, and we are prepared to address this issue. More updates to follow.