Curl v8.4.0 is out, and fixes – among other things – a high-severity SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545). Appropriate patches for some older curl versions have been released, too. Preparation for the security updates A little over a week ago, lead developer Daniel Stenberg announced the upcoming release of the newest curl version and said that it would carry patches for CVE-2023-38545 and CVE-2023-38546, a low-severity bug that has been described today as a … More
The post Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545) appeared first on Help Net Security.