27 matches found
CVE-2026-47071
Uncontrolled Resource Consumption vulnerability in benoitc hackney allows Flooding. The SOCKS5 transport in src/hackneysocks5.erl correctly applies the caller-supplied timeout to the SOCKS5 negotiation phase, but then upgrades the connection to TLS using the two-argument form ssl:connect/2, which...
EUVD-2026-31685
Uncontrolled Resource Consumption vulnerability in benoitc hackney allows Flooding. The SOCKS5 transport in src/hackneysocks5.erl correctly applies the caller-supplied timeout to the SOCKS5 negotiation phase, but then upgrades the connection to TLS using the two-argument form ssl:connect/2, which...
CVE-2026-47071 SOCKS5 TLS upgrade ignores caller timeout in hackney
Uncontrolled Resource Consumption vulnerability in benoitc hackney allows Flooding. The SOCKS5 transport in src/hackneysocks5.erl correctly applies the caller-supplied timeout to the SOCKS5 negotiation phase, but then upgrades the connection to TLS using the two-argument form ssl:connect/2, which...
Hackney 安全漏洞
Hackney is a program library from Hackney, Inc. A security vulnerability exists in hackney versions prior to 0.10.0 through 4.0.1, which stems from the use of an infinite timeout by the SOCKS5 transport during TLS upgrades, which could result in infinite blocking of the connection process...
Anonymizing Network Traffic: A Dive into SOCKS5 and Data Encryption
SOCKS5 protocol explained: anonymize traffic, boost security with encryption, bypass restrictions, and enable reliable data collection for business use...
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, Messenger, and Threads through advertisements on Meta. "Mirax integrates advanced Remote Access Trojan RA...
JLSEC-2025-34 This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...
curl: Race condition on global `gss_context` during SOCKS5 GSS-API negotiation in libcurl
Summary: Concurrent SOCKS5 GSS-API authentications share a file-scope global gsscontext without synchronization, causing data races and undefined behavior. - Global context defined at: 52:54:curl/lib/socksgssapi.c static gssctxidt gsscontext = GSSCNOCONTEXT; - Passed by address into the GSS init...
Hydra Network Logon Cracker 9.6
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus...
Linux Distros Unpatched Vulnerability : CVE-2018-17613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Telegram Desktop aka tdesktop 1.3.16 alpha, when Use proxy is enabled, sends credentials and application data in cleartext over the SOCKS5 protocol...
PT-2025-54486
Name of the Vulnerable Software and Affected Versions libcurl versions prior to 7.87.0-150400.7.26.1 openSUSE Leap 15.6 affected versions not specified SUSE Linux Enterprise Server 15 SP4 affected versions not specified Description The issue relates to libcurl's handling of TLS options during...
curl: heap based buffer overflow in the SOCKS5 proxy handshake
A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then...
curl: heap based buffer overflow in the SOCKS5 proxy handshake
A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then...
curl: heap based buffer overflow in the SOCKS5 proxy handshake
A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then...
ALPINE-CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...
DEBIAN-CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...
curl: heap based buffer overflow in the SOCKS5 proxy handshake
A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then...
curl: heap based buffer overflow in the SOCKS5 proxy handshake
A heap-based buffer overflow flaw was found in the SOCKS5 proxy handshake in the Curl package. If Curl is unable to resolve the address itself, it passes the hostname to the SOCKS5 proxy. However, the maximum length of the hostname that can be passed is 255 bytes. If the hostname is longer, then...
SUSE CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...
UBUNTU-CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...