The original #hackerone report for #curl's CVE-2024-7264: ASN.1 date parser overread is now published:
curl disclosed on HackerOne: CVE-2024-7264: ASN.1 date parser overread
## Summary: When a specially-crafted certificate is passed to `Curl_extract_certinfo` to parse, it may read bytes beyond the end of the buffer in which the certificate is held. According to the...HackerOne
GhostDog98
in reply to daniel:// stenberg:// • • •