Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GHSL-2020-110 #55

Closed
kevinbackhouse opened this issue Jun 15, 2020 · 2 comments
Closed

GHSL-2020-110 #55

kevinbackhouse opened this issue Jun 15, 2020 · 2 comments

Comments

@kevinbackhouse
Copy link

Hello,

I am a member of the GitHub Security Lab (https://securitylab.github.com).

I've attempted to reach a maintainer for this project to report a potential security issue but have been unable to verify the report was received. Please could a project maintainer could contact us at securitylab@github.com, using reference GHSL-2020-110?

Thank you,
Kevin Backhouse
GitHub Security Lab
@mikaelbr
Copy link
Owner

Version 2.0.0 released fixing issue and previous versions are deprecated with notice of shell exploitation possibility. Thanks for the heads up.

@kevinbackhouse
Copy link
Author

@mikaelbr: Thank you for fixing it! Would you be willing to create a GitHub security advisory for this issue? Instructions are here. It's an easy way to create a CVE for the issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mikaelbr @kevinbackhouse