<![endif] daniel.haxx.se Search Primary Menu Skip to content About Contact Privacy Search for: #masthead cURL and libcurl October 11, 2023 Daniel Stenberg 8 Comments .entry-meta .entry-header In association with the release of curl 8.4.0 , we publish a security advisory and all the details for CVE-2023-38545 . This problem is the worst security problem found in curl in a long time. We set it to severity HIGH . While the advisory contains all the necessary details. I figured I would use a few additional words and expand the explanations for anyone who cares to understand how this flaw works and how it happened. curl has supported SOCKS5 since August 2002 . SOCKS5 is a proxy protocol. It is a rather simple protocol for setting up network communication via a dedicated “middle man”. The protocol is for example typically used when sett...