Can libcurl.dll be updated to a version 8.4.0 or higher ASAP?
1 Like
Why do you think this vulnerability affects Audacity?
See the lower part of the screenshot. Audacity contains libcurl.dll at a version lower than 8.4.0, so the DLL Audacity is distributing does contain the vulnerability. I am not saying either way whether Audacity uses the library in an exploitable way, but shipping vulnerable components is not ideal as they show up in vulnerability scans.
1 Like
For us, it leaves us in the position of having to request security exemptions for a component that is updated on all the other software we are running.
This topic was automatically closed after 30 days. New replies are no longer allowed.