SECURITY.md

Read ourVulnerability Disclosure Policy.

If you have found or just suspect a security problem somewhere in curl orlibcurl, report it onHackerOne.

We treat security issues with confidentiality until controlled and disclosed responsibly.

curl has achieved Gold status on the Open Source Security Foundation (OpenSSF)Best Practices (formerly Core InfrastructureInitiative Best Practices), reflecting its adherence to rigoroussecurity and best practice standards. This achievement highlights curl'scomprehensive documentation, secure development processes, effective changecontrol mechanisms, and strong maintenance routines. Meeting these criteriademonstrates curl's commitment to security and reliability, ensuring theproject's sustainability and trustworthiness. This underscores curl's role asa leader in open-source software practices. More information can be found oncurl's OpenSSF Best Practices project page.

There aren’t any published security advisories