Hacker News
new
top
best
ask
show
job
Uncontrolled File Write/Arbitrary File Creation
(
hackerone.com
)
8 points
by
smartberry9
7 months ago
2 comments
dcrazy
7 months ago
I hope you’re not also the one who submitted this “vulnerability”. If you are, prepare to have your mind blown by `sudo rm /etc/passwd`.
porridgeraisin
7 months ago
Won't be surprised if this gets a CVE
dcrazy
7 months ago
You “wouldn’t be surprised” if curl issues a CVE for the existence of the -o flag?
porridgeraisin
7 months ago
It was sarcastic. Because of the ...low signal-noise ratio... in CVEs these days.
dcrazy
7 months ago
curl has become their own CNA specifically because so many useless CVEs about curl were being issued by other parties:
https://daniel.haxx.se/blog/2024/01/16/curl-is-a-cna/