Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2023-75809
HistoryOct 11, 2023 - 12:00 a.m.

cURL SOCKS5 Heap Overflow Vulnerability

2023-10-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
curl network data transfer command line tool
libcurl library
heap overflow vulnerability
socks5
attacker exploit
code execution
malicious hostname

7.6 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.7%

cURL is a network data transfer project. Usually when we say cURL, we mean the cURL command line tool. cURL’s underlying use is the libcurl library. A heap overflow vulnerability exists in cURL SOCKS5, which can be exploited by an attacker to construct a malicious hostname and cause code execution.

CPENameOperatorVersion
curl libcurl >=7.69.0,le8.3.0