Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security Vulnerability #1105

Closed
haby0 opened this issue Oct 25, 2021 · 8 comments
Closed

Security Vulnerability #1105

haby0 opened this issue Oct 25, 2021 · 8 comments

Comments

@haby0
Copy link

haby0 commented Oct 25, 2021

What would be the right contact to report a security vulnerabilty? thanks!

@kizniche
Copy link
Owner

You can use this form https://kylegabriel.com/contact/

@kizniche
Copy link
Owner

I received your message, but you did not include any information about a vulnerability.

@haby0
Copy link
Author

haby0 commented Oct 26, 2021

I resubmitted.

@kizniche
Copy link
Owner

Thank you. Quite the vulnerability!

@haby0
Copy link
Author

haby0 commented Oct 26, 2021

Thanks for your reply. If you fix the vulnerability, can you apply for a CVE identification number?

Reference: https://docs.github.com/en/code-security/security-advisories/about-github-security-advisories

@kizniche
Copy link
Owner

Security advisory added at GHSA-252r-94ph-m229

@kizniche
Copy link
Owner

A CVE ID has been assigned: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41185

@haby0
Copy link
Author

haby0 commented Oct 27, 2021

A CVE ID has been assigned: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41185

Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants