In association with the release of curl 8.4.0, we publish a security advisory and all the details for CVE-2023-38545. This problem is the worst security problem found in curl in a long time. We set it to severity HIGH.

While the advisory contains all the necessary details. I figured I would use a few additional words and expand the explanations for anyone who cares to understand how this flaw works and how it happened.

  • @[email protected]
    link
    fedilink
    51 year ago

    These things happen, best you can do is fix them when they do and accept responsibility. Cheers to the devs. Memory-safe languages are the future