Tag
libcurl
Safeguard articles tagged "libcurl" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Vulnerability Analysis
curl SOCKS5 Heap Overflow (CVE-2023-38545) Explained: When a Long Hostname Broke the Handshake
CVE-2023-38545 is a heap buffer overflow in curl and libcurl's SOCKS5 proxy handshake, triggered when a too-long hostname is copied into a fixed buffer during a slow handshake. Here is the bug.
Jul 8, 20266 min read
Vulnerability Management
Inside CVE-2023-38545: the libcurl SOCKS5 heap overflow
A single off-by-length check in curl's SOCKS5 handshake, live for over three years across libcurl 7.69.0–8.3.x, earned a 9.8 CVSS score and a CWE-787 out-of-bounds write.
Jul 8, 20266 min read
Vulnerability Response
CVE-2025-9086 in cURL: Patch Posture & SBOM Response
Heap out-of-bounds read in libcurl's cookie path comparison affects nearly every Linux distro. Defender SBOM playbook below.
Sep 12, 20257 min read