daniel:// stenberg://

1 week ago

daniel:// stenberg://
1 week ago

Number of hackerone reports on #curl doubled since last year

#curl

in reply to daniel:// stenberg://

CypherS

in reply to daniel:// stenberg:// 1 week ago

noob question : what is a hackerone report?

in reply to daniel:// stenberg://

Elias Mårtenson

in reply to daniel:// stenberg:// 1 week ago

doesn't those numbers suggest some portion of those reports are undetected ai reports?

in reply to Elias Mårtenson

daniel:// stenberg://

in reply to Elias Mårtenson 1 week ago

yes that's what I believe as well

in reply to daniel:// stenberg://

Ludwig Vielfrass

in reply to daniel:// stenberg:// 1 week ago

my favorites were the reports about unsafe functions…in the test suite. 🙄😀

in reply to daniel:// stenberg://

Knut Branson

in reply to daniel:// stenberg:// 1 week ago

exponential growth in AI slop

in reply to daniel:// stenberg://

Thomas Lee ✅

in reply to daniel:// stenberg:// 1 week ago

And how many (few) are actually vulnerabilities?

in reply to Thomas Lee ✅

daniel:// stenberg://

in reply to Thomas Lee ✅ 1 week ago

see the green bars

in reply to daniel:// stenberg://

Thomas Lee ✅

in reply to daniel:// stenberg:// 1 week ago

that many?

I meant the question rhetorically. And id gave bet money on the answer. I'd feel a little bit better if it meant that hundreds of smart folk had done deep code dives and run tests to find issues. Even if not a vuln, that review level would be nice.

⇧

daniel:// stenberg:// 1 week ago • •

daniel:// stenberg://
1 week ago