CVSS 3.1 Score 7.5 of 10 (high)


Published Sep 15, 2023
Updated: Apr 1, 2024
CWE ID 770


CVE-2023-38039 is a cyber vulnerability that affects multiple products, including curl. This vulnerability allows a malicious server to send an endless stream of headers in an HTTP response, causing curl to run out of memory. The affected products include olr5Xj, olr5Xi, qO3iZk, qO3iZl, qO3iZm, qO3iZn, and many others. The vulnerability has a high severity rating with a base score of 7.5 and could pose a significant danger to organizations. To remediate this vulnerability, users are advised to update their curl software to the latest version that includes the fix for this issue.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-38039 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options