immich icon indicating copy to clipboard operation
immich copied to clipboard

Published 20 hours ago verified publisher icon immich-app

Security concern

Open JamieSlome opened this issue 3 years ago • 2 comments

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@vautia) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

JamieSlome avatar Sep 16 '22 23:09 JamieSlome

Hey Jamie,

We will absolutely get that setup, if you want to discuss this faster if you join the discord I can add you to a secure channel where we can discuss this. Discord is in the README.

Cheers!

zackpollard avatar Sep 16 '22 23:09 zackpollard

Hi @JamieSlome , if you don't use Discord, you can also email me at [email protected] and I can relay the message back to the team!

Thank you for helping us looking into this

alextran1502 avatar Sep 17 '22 00:09 alextran1502

SECURITY.md was added

zackpollard avatar Sep 30 '22 23:09 zackpollard