curl 8.4.0 has been released to patch and release details on a hyped up high-severity security vulnerability (CVE-2023-38545), easing week-long concerns regarding the flaw's severity.

The second flaw, CVE-2023-38546, affects only libcurl and allows for arbitrary cookies injection into a program that uses libcurl.However, the issue is considered low severity.

Its underlying library, libcurl, also serves as a backbone for web-aware applications, making it an essential component of the internet ecosystem. The high-severity vulnerability, CVE-2023-38545, ...