Newly disclosed (and dismissed) #curl vulnerability reports
"HTTP headers eat all memory:"
hackerone.com/reports/2552192
"Incorrect conversion in hostname"
hackerone.com/reports/2552179
"Unicode-to-ASCII conversion in cmdlines on Windows lead to argument injection"
hackerone.com/reports/2550951
Transparency baby.
curl disclosed on HackerOne: Unicode-to-ASCII conversion on Windows...
Hello cURL team, I am splitline from DEVCORE Research Team. We recently found a vulnerability on cURL. We have reproduced the issues in the latest version of cURL (curl-8.8.0_1) and would like to...HackerOne