Good Morning/Evening,
I just wanted to reach out and make sure we don't need to worry about the recently disclosed libcurl vulnerability CVE-2023-38545. This is a buffer overflow vulnerability in the socks5h proxy. The vulnerability has been patched in libcurl 8.4.0
Affected libcurl versions: 7.69.0 through 8.3.0
Hi
On most systems we don't link libcurl statically, so once you updated system packages - it's all good.
Windows build is bundled with our own instance of libcurl, and updated package will be released shortly.
Thank you for the info!