Linux cURL library

Problem Description

A critical vulnerability in cURL provides attackers with the ability to set up a host system that foists an overlong host name on clients when connecting to SOCKS5 proxies.

This results in a buffer overflow that allows remote code execution on the client system.

All cURL versions between 7.69.0 and including 8.3.0 are affected. cURL for Windows and cURL for Python are not affected. Fortunately, there is another limitation. The vulnerability can only be exploited if the SOCKS5 connection is via a proxy.

Additional Content

Please sign in to your mydSPACE account to view this content.

Tags

Date	2025-10-06
Type d’information	Notifications
Catégorie d’information	Product Security, Phase de débogage

Restez informé grâce à notre service de newsletter dSPACE direct.

Grâce à notre service de newsletter dSPACE, nous vous tiendrons informé des cas d'utilisation actuels, des nouvelles solutions et des nouveaux produits, ainsi que des formations et des événements. Inscrivez-vous ici pour un abonnement gratuit.

Enable form call

At this point, an input form from Click Dimensions is integrated. This enables us to process your newsletter subscription. The form is currently hidden due to your privacy settings for our website.

External input form

By activating the input form, you consent to personal data being transmitted to Click Dimensions within the EU, in the USA, Canada or Australia. More on this in our privacy policy.