romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-04 06:57:56 +03:00
Code Issues Projects Releases Packages Wiki Activity
curl/docs/BUG-BOUNTY.md
Daniel Stenberg ca7ef4b817
BUG-BOUNTY.md: we stop the bug-bounty end of Jan 2026 
Remove mentions of the bounty and hackerone.

Closes #20312
2026-01-26 08:26:28 +01:00

18 lines
569 B
Markdown
Raw Blame History

<!--
Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
SPDX-License-Identifier: curl
-->
# The curl bug bounty
Up until the end of January 2026 there was a curl bug bounty. It is no more.
The curl project does not offer any rewards for reported bugs or
vulnerabilities. We also do not aid security researchers to get such rewards
for curl problems from other sources either.
A bug bounty gives people too strong incentives to find and make up "problems"
in bad faith that cause overload and abuse.
We still appreciate and value valid vulnerability reports.
Reference in a new issue View git blame Copy permalink