HackerOne Bug Bounty Disclosure: unsafe-use-of-strcpy-in-curl-ldap-err-string-packages-os-os-sys-c-stack-buffer-overflow-poc-asan-biswarup-das
Company Name:
curl
Company HackerOne URL:
https://hackerone.com/curl
Submitted By:
biswarup_das
Link to Submitters Profile:
https://hackerone.com/biswarup_das
Report Title:
Unsafe use of strcpy in Curl_ldap_err2string (packages/OS400/os400sys[.]c) stack-buffer-overflow (PoC + ASan)
Report Link:
https://hackerone.com/reports/3418528
Date Submitted:
10 November 2025
Support Our Work
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.
AI APIs OSINT driven New features
