Libcurl CVE-2023-38545 in updater
This is fixed in libcurl 8.4.0, which is out-- will you be updating to that dll soon?
The file is C:\Program Files\Notepad++\updater\libcurl.dll
Wiz says the detailed name of it is cpe:2.3:a:haxx:libcurl, current version 7.79.1, fixed versioin 8.4.0.
I can’t post a link to nvd, sorry.
The issue has been reported to the developer. It is up to him when it gets fixed.
The developer has committed a fix, updating to curl 8.4.0. The new libcurl.dll should be included in the next version of Notepad++ (presumably to be named v8.5.9).