Slow Fog: curl fixes 18 security vulnerabilities, it is recommended to upgrade curl/libcurl as soon as possible and investigate related risks

The Chief Information Security Officer of Slow Fog, 23pds, posted on the X platform that curl recently fixed 18 security vulnerabilities, involving issues such as authentication bypass, memory safety, and host verification, among which one libcurl vulnerability has existed for about 25 years. The risks are not limited to the curl command line but also widely affect applications, SDKs, containers, firmware, gateways, and CI/CD environments that rely on libcurl. It is recommended to upgrade curl/libcurl as soon as possible and check for the use of old versions of libcurl, especially paying attention to mTLS, proxy authentication, and connection reuse scenarios.