3 matches found
curl: A quiet New Year wish for security researchers
Hi curl Security Team and fellow security researchers, Sorry in advance if this isn’t a traditional security report. I know your time is valuable, and I truly respect the work you all do. I just wanted to take a quiet moment to wish every security researcher here those who report issues, those wh...
CVE-2024-2004
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...
CURL-CVE-2024-2004 Usage of disabled protocol
When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...