Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Imagine the headline if a slop security report ends up real but the maintainer ignored it.

It’s a lose-lose situation for the maintainers



Thankfully in this case it's a curl vulnerability that doesn't use curl in the reproducer. That's a fairly safe call.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: