Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

I’m assuming libcurl is baked into the curl table… maybe? As per todays CVE drop, the (known) vulnerabilities can only manifest themselves if there’s a specific buffer or `limit-rate` set, is that something that could interact with osquery?
Or is the assumption that all inputs to osquery are known/controlled/sanitize-ABLE if not sanitized, and therefore a patched libcurl isn’t required off the bat?

I’d doubt a socks proxy vuln (as per my fuzzy understanding of all of this) is all that likely neither, but a ‘high’ CVE means the sky will start falling soon, so I’m trying to gauge what an applicable response is like, there’s a whole bunch of vendors bundling osquery right now

The table is "curl" only in name, but it does not make use of libcurl; we have no use of that library in osquery.

Well that’s easier then, entirely unrelated