作者在发文时也表示，这个漏洞可能是curl&libcurl在相当长一段时间内最严重的漏洞，因此不能公布更多的细节，防止该漏洞被攻击者利用，唯一可以 ...

CURLcode curl_global_init(long flags)功能：初始化libcurl 这个函数只能用一次。 (其实在调用curl_global_cleanup 函数后仍然可再用) 如果这个函数在 curl_easy_init函数调用时还没调用 ， 它将由libcurl库自动调用 所以多线程下最好主动调用该函数以防止在线程中curl_easy_init时多次调用。

近日，我的粉丝群里有人发了一张图片，内容是业界大佬TK教主的微博：看样子，是又有软件暴漏洞了，这次轮到了libcurl这个库。漏洞经常有，但能让TK教主单独发微博关注的漏洞，想必不是等闲之辈。仔细看这 ...

The second flaw, CVE-2023-38546, affects only libcurl and allows for arbitrary cookies injection into a program that uses libcurl.However, the issue is considered low severity.

curl 8.4.0 has been released to patch and release details on a hyped up high-severity security vulnerability (CVE-2023-38545), easing week-long concerns regarding the flaw's severity.

Its underlying library, libcurl, also serves as a backbone for web-aware applications, making it an essential component of the internet ecosystem. The high-severity vulnerability, CVE-2023-38545, ...