Jeena@piefed.jeena.net to

OpensourceEnglish · 3 days ago

Fake AI Buffer Overflow Risk in Curl report

cross-posted to:
[email protected]

77

Fake AI Buffer Overflow Risk in Curl report

Jeena@piefed.jeena.net to

OpensourceEnglish · 3 days ago

cross-posted to:
[email protected]

curl disclosed on HackerOne: Buffer Overflow Risk in Curl_inet_ntop...

*Curl is a software that I love and is an important tool for the world. * *If my report doesn't align, I apologize for that.* The `Curl_inet_ntop` function is designed to convert IP addresses from binary format to human-readable string format, supporting both IPv4 and IPv6. It internally delegates to `inet_ntop4` for IPv4 addresses and `inet_ntop6` for IPv6 addresses. However, insufficient...

Now, with the help of AI, it’s even easier to waste time of open source developers by creating fake security vulnerability reports.

Chat

Kissaki
link
fedilink
English
arrow-up
1·
1 day ago
If it were a successful report they’d want the attribution, recognition, and publicity.

They didn’t see the bad they were doing. I wonder if they see it now. Given their response, I doubt it.

Opensource

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

A community for discussion about open source software! Ask questions, share knowledge, share news, or post interesting stuff related to it!

Credits

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

⠀

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

55 users / day
641 users / week
914 users / month
3.18K users / 6 months
357 local subscribers
1.5K subscribers
285 Posts
1.14K Comments
Modlog

mods:
Pierre-Yves Lapersonne