daniel:// stenberg:// 3 weeks ago • • daniel:// stenberg:// 3 weeks ago • • 4 out of 4 weekend HackerOne reports on #curl were closed as not applicableThey're all disclosedhackerone.com/curl/hacktivityHackerOneHackerOne #curl Languages Search Text Share via ...
in reply to daniel:// stenberg:// Aljoscha Rittner (beandev) in reply to daniel:// stenberg:// • 3 weeks ago • • The reporter of hackerone.com/reports/3293801 would probably be surprised at the handling of Windows DLLs. 🤔🤷curl disclosed on HackerOne: Title: Remote Code Execution (RCE) via...#### Summary: The `curl` command-line tool is vulnerable to Arbitrary Code Execution on POSIX-like systems (Linux, macOS, etc.). The `--engine` option allows loading an OpenSSL crypto engine from a...HackerOne Languages Search Text Share via ...
in reply to daniel:// stenberg:// ⊥ᵒᵚ⁄Cᵸᵎᶺᵋᶫ∸ᵒᵘ ☑️ in reply to daniel:// stenberg:// • 3 weeks ago • • more AI slop? Languages Search Text Share via ...
in reply to ⊥ᵒᵚ⁄Cᵸᵎᶺᵋᶫ∸ᵒᵘ ☑️ daniel:// stenberg:// in reply to ⊥ᵒᵚ⁄Cᵸᵎᶺᵋᶫ∸ᵒᵘ ☑️ • 3 weeks ago • • @falken at least one, yes @⊥ᵒᵚ⁄Cᵸᵎᶺᵋᶫ∸ᵒᵘ ☑️ Languages Search Text Share via ...
in reply to daniel:// stenberg:// Ondřej Surý in reply to daniel:// stenberg:// • 3 weeks ago • • The copy-paste between hacker one and LLM is oh-so-annoying. It just shows that the reporter has no brain on their own. Languages Search Text Share via ...
in reply to daniel:// stenberg:// Nils Goroll 🕊️ in reply to daniel:// stenberg:// • 3 weeks ago • • i want to report a critical vulnerability: curl executes arbitrary code with LD_PRELOAD=evil.sowhere are my 9.2k$ alright?if i were you, i'd just stop this h1 madness… Languages Search Text Share via ...
Aljoscha Rittner (beandev)
in reply to daniel:// stenberg:// • • •curl disclosed on HackerOne: Title: Remote Code Execution (RCE) via...
HackerOne⊥ᵒᵚ⁄Cᵸᵎᶺᵋᶫ∸ᵒᵘ ☑️
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to ⊥ᵒᵚ⁄Cᵸᵎᶺᵋᶫ∸ᵒᵘ ☑️ • • •Ondřej Surý
in reply to daniel:// stenberg:// • • •Nils Goroll 🕊️
in reply to daniel:// stenberg:// • • •i want to report a critical vulnerability: curl executes arbitrary code with LD_PRELOAD=evil.so
where are my 9.2k$ alright?
if i were you, i'd just stop this h1 madness…