Clik here to view.
More curl bug bounty
Together with Bountygraph, the curl project now offers money to security researchers for report security vulnerabilities to us. https://bountygraph.com/programs/curl The idea is that sponsors donate...
View ArticleClik here to view.
curl + hackerone = TRUE
There seems to be no end to updated posts about bug bounties in the curl project these days. Not long ago I mentioned the then new program that sadly enough was cancelled only a few months after its...
View ArticleClik here to view.
Report from the curl bounty program
We announced our glorious return to the “bug bounty club” (projects that run bug bounties) a month ago, and with the curl 7.65.0 release today on May 22nd of 2019 we also ship fixes to security...
View Articlecurl receives 10K USD donation
The largest ever single-shot monetary donation to the curl project just happened when indeed.com graciously boosted our economy with 10,000 USD. (It happened before the new year but as I was away then...
View ArticleClik here to view.
Remote-exploiting curl
In a Blackhat 2019 presentation, three gentlemen from the Tencent Blade Team explained how they found and managed to exploit two curl flaws. Both related to NTLM over HTTP. The “client version...
View ArticleClik here to view.
Report: curl’s bug bounty one year in
On April 22nd 2019, we announced our current, this, incarnation of the curl bug bounty. In association with Hackerone we now run the program ourselves, primarily funded by gracious sponsors. Time to...
View ArticleClik here to view.
bug-bounty reward amounts in curl
A while ago I tweeted the good news that we’ve handed over our largest single monetary reward yet in the curl bug-bounty program: 700 USD. We announced this security problem in association with the...
View Article--- Article Not Found! ---
*** *** *** RSSing Note: Article is missing! We don't know where we put it!!. *** ***
View Article
