| ▲ | bilekas 4 hours ago | |
I'm not sure how that proves I didn't read the article ? | ||
| ▲ | croon 3 hours ago | parent [-] | |
Someone external to the curl team ran the test. If that third party found a severe CVE that they could use across all the global curl attack surface, and did not disclose it back to the curl team, the third party could keep using the exploit until discovered independently. | ||