You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I would like to start the implementation for a plugin that detects CVE-2021-3129.
The vulnerability was discovered recently and a patched version is already available. - (Patched for Laravel > v8.4.2) (A blogpost describing the vulnerability)
The vulnerability should have a HIGH or CRITICAL severity rating if there is already a CVE ID assigned (CVSS score >= 7.0): CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
The vulnerability should have a relatively large impact radius. - Laravel is a commonly used PHP Web Framework.
The vulnerability should be remotely exploitable without authentication and user interaction. - Thats the case.
Please let me know if this is in scope to start with its development.
The text was updated successfully, but these errors were encountered:
Thanks for your request! This vulnerability is in scope for the reward program. Please submit our participation form and you can start working on the development.
Your PR has been reviewed by the scanner team and will be merged shortly after internal approval. This usually means a reward will be granted :) Google will start the internal QC process and the reward amount will be determined based on the quality of the detector report. Please be patient and allow up to a week for the QC process to finish. You'll be notified once the decision is made.
Your PR has been reviewed by the scanner team and will be merged shortly after internal approval. This usually means a reward will be granted :) Google will start the internal QC process and the reward amount will be determined based on the quality of the detector report. Please be patient and allow up to a week for the QC process to finish. You'll be notified once the decision is made.
Hey Tsunami Team
I would like to start the implementation for a plugin that detects CVE-2021-3129.
Please let me know if this is in scope to start with its development.
The text was updated successfully, but these errors were encountered: