Tag
cve-2023-38545
Safeguard articles tagged "cve-2023-38545" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Management
Inside CVE-2023-38545: the libcurl SOCKS5 heap overflow
A single off-by-length check in curl's SOCKS5 handshake, live for over three years across libcurl 7.69.0–8.3.x, earned a 9.8 CVSS score and a CWE-787 out-of-bounds write.
Jul 8, 20266 min read
Vulnerability Analysis
curl CVE-2023-38545: The Worst curl Vulnerability in Years
A heap buffer overflow in curl's SOCKS5 proxy handshake earned a severity rating of HIGH from curl's creator Daniel Stenberg, who called it the worst curl flaw in a long time.
Oct 11, 20235 min read