• nathris@lemmy.ca
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    Could be an RCE exploit. Doesn’t matter if it’s privilege escalation at that point because it can be used to execute a payload that can.

    • PowerCrazy@lemmy.ml
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      1 year ago

      I’ll admit i’m out of my depth about exactly how curl works on the local system, but surely if there is a vulnerability in the “libcurl” library that is much more serious and severe then just saying “curl” is vulnerable.

      I’m assuming that libcurl touches a huge amount of the linux network stack.