CVE-2023-38545: curl SOCKS5 oversized hostname vulnerability. How bad is it?, (Wed, Oct 11th)

This post was originally published on this site

Last week, Daniel Stenberg announced that he would release a new version of the curl library and command line tool today, fixing a significant vulnerability. Curl is the de-facto standard library to create HTTP requests unless you still use Perl (good old LWP..). A significant vulnerability in curl will affect pretty much anything connecting to a web server. With everything becoming an HTTP-based API, code using curl is probably written faster than ever, and Daniel's work is more important than ever.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.