New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security Contact Requested #13
Comments
|
thanks for your message. This issue is closed due to lack of specific details. |
|
Hi @ericcwlaw - we're after some contact details to responsibly disclose a security vulnerability within this mercury project. |
|
@n33dle @prodigysml Thank you so much for pointing out the Xml External Entity (XXE) security vulnerability and providing your recommendation. We have patched the SimpleXmlParser and finished regression tests. The patch will be added to the release v1.12.28. |
|
code merged and verified |
@n33dle and I found a security vulnerability within the mercury project. We were hoping to get a core maintainer's contact details to responsibly disclose this vulnerability.
The text was updated successfully, but these errors were encountered: