BigFix version 10.0.8 is using a version of cURL that is reported to be vulnerable. The vulnerable version of cURL is 7.86, This BigFix link lists the version used https://support.bigfix.com/bes/release/10.0/patch8/
Is there a ptav=ch or a fix that can be applied to use version 7.87 or later? This vulnerability shows up in a compliance audit using Nessus.