1. do not assume that URLs will be treated the same cross user-agents.... - Random

bagder, 1 month ago

do not assume that URLs will be treated the same cross user-agents.

do not assume that IPv4-mapped IPv6-addresses can be written in octal.

Another day. Another security report against #curl we could close.

https://hackerone.com/reports/2493548

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

Image

Image alternative text

vastodon, 27 days ago

@bagder nicely handled! Thanks for taking the time to respond to these reports! Its widely underestimated how much time, knowledge and mental effort it takes to deal with these reports on a regular basis.

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

bagder, 27 days ago

@vastodon thank you. Yes, it does take a significant amount of time and effort ... but luckily, sometimes we can get more value out of single issues by sharing the lessons with a wider audience after the fact.

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

luc122c, 1 month ago

@bagder 9.8 critical? 😬

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

bagder, 1 month ago

@luc122c I suppose everyone is allowed an opinion...

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

mondanzo, 1 month ago

@bagder it dreads me that some responses seem chatgptfied.

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

bagder, 1 month ago

@mondanzo me too. It seems more common now for real humans to get chatgpt help phrasing and writing vulnerability reports.

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

Add comment