git-market/curl-curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-11 12:01:42 +08:00
Code Issues Actions 14 Packages Projects Releases Wiki Activity
master
curl-curl/docs/BUG-BOUNTY.md
Daniel Stenberg ed7bf43a08
BUG-BOUNTY.md: minor rephrase to say there is no bug bounty 
also add a brief mention to VULN-DISCLOSURE-POLICY.md

Closes #20878
2026-03-10 17:34:08 +01:00

17 lines
478 B
Markdown
Raw Permalink Blame History

<!--
Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
SPDX-License-Identifier: curl
-->
# No curl bug bounty
The curl project does not offer any rewards for reported bugs or
vulnerabilities. We do not aid security researchers to get such rewards for
curl problems from other sources.
A bug bounty gives people too strong incentives to find and make up "problems"
in bad faith that cause overload and abuse.
We still appreciate and value valid vulnerability reports.
Reference in New Issue View Git Blame Copy Permalink