Add a security policy #1576
Comments
|
You can send me an email at contact@ninenines.eu if you want. If this is related to the distribution cookie, please see this comment: #1574 (comment) |
|
Thanks for the follow-up @essen :) Happy to create a Just for reference, the report can be found directly here: It is private and only accessible to maintainers with repository write permissions. |
|
That's exactly the same issue I linked, please read the comment. This is not a security vulnerability in Cowboy, the distribution cookie is meant to separate clusters, not to provide authentication. It is up to product developers to configure, expose or implement restrictions depending on their needs. |
Hello 馃憢
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@lethanhtrung22) has found a potential issue, which I would be eager to share with you.
Could you add a
SECURITY.mdfile with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.Looking forward to hearing from you 馃憤
(cc @huntr-helper)
The text was updated successfully, but these errors were encountered: