Need an email address to report 3 vulnerabilities we've found #633
Comments
leonwxqian
changed the title
|
Changed the title from 4 to 3 because based on the newest code, 1 of the vuln we've found before is gone. :) |
|
In general, you can see author's email addresses by |
|
|
Thanks for the mail, I'm already having a look. |
|
Checked the patches and the vulns are gone. |
|
All issues solved. |
hunyadi-dev
pushed a commit
to hunyadi-dev/civetweb
that referenced
this issue
Dec 18, 2020
MINIFICPP-1014 - Fix SFTP extension build on MacOS
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello, during security auditing of other product that use your library, we have found 3 vulnerabilities in civetweb and want to report them to you. 1 of them is considered to be fatal (remote code execution) so we want to report by email. We've found this line in civetweb/docs/Contribution.md:
" In case you think you found a security issue that should be evaluated and fixed before public disclosure, feel free to write an email. “
But I couldn't find any email address in the docs, would you please offer your email address so we can send the detailed report to you? Thank you.
Tencent Blade Team
The text was updated successfully, but these errors were encountered: