curl disclosed on HackerOne: Buffer Overflow Risk in Curl_inet_ntop...
hackerone.com
*Curl is a software that I love and is an important tool for the world. * *If my report doesn't align, I apologize for that.* The `Curl_inet_ntop` function is designed to convert IP addresses from binary format to human-readable string format, supporting both IPv4 and IPv6. It internally delegates to `inet_ntop4` for IPv4 addresses and `inet_ntop6` for IPv6 addresses. However, insufficient...

Now, with the help of AI, it’s even easier to waste time of open source developers by creating fake security vulnerability reports.

  • FizzyOrange@programming.dev
    14·
    12 days ago

    Pretty disappointing that some people think this is acceptable behaviour.

    At least it’s still very obviously “AI slop” as they put it. If ChatGPT ever stops its distinctive patronising waffle it’s going to be much more annoying to filter out.