Search
Items tagged with: hackerone
curl disclosed on HackerOne: CVE-2024-0853: OCSP verification...
## Summary: In version 8.5.0, cURL has inadvertently established a pathway for accepting revoked certificates. As a result of [this...HackerOne
For details on the #curl PSL vulnerability, check out the #hackerone report. And if you use libpsl, double-check that your use is correct: https://hackerone.com/reports/2212193
Two mentioned projects in this report in particular should check their code.
curl disclosed on HackerOne: CVE-2023-46218: cookie mixed case PSL...
## Summary: libcurl fails to normalize the `hostname` and `cookie_domain` parameters passed to `psl_is_cookie_domain_acceptable` function. As a result a malicious site can set a super cookie if the...HackerOne
We disclosed this #hackerone report against #curl when someone asked Bard to find a vulnerability, and it hallucinated together something:
https://hackerone.com/reports/2199174
curl disclosed on HackerOne: [Critical] Curl CVE-2023-38545...
## Summary: Curl CVE-2023-38545 vulnerability code changes are disclosed on the internet ## Steps To Reproduce: To replicate the issue, I have searched in the Bard about this vulnerability. It...HackerOne