Jamie Slome issues

Results 429 issues of


                                            Jamie Slome

Researchers ask for CVEs even if maintainer is not responding

Reference: https://huntr.dev/bounties/bd665197-1f51-4fd1-a9b2-6d3a21553c6e/

How can we share details with maintainers if they do not want to use our links?

Reference: https://github.com/dgtlmoon/changedetection.io/issues/475

I spend a lot of my time manually assigning and publishing CVEs

From an operational perspective, I spend a lot of time responding to requests to assign and publish CVEs against reports that have not automatically received one. Typically, the researcher requests...

discussion

+14

Allow maintainers to add blog references to the CVE

I have seen various package/app release blogs written including references to the platform. We can use these blogs as references in the CVE.

Make some comments private

Reference: https://www.huntr.dev/bounties/ac24b343-e7da-4bc7-ab38-4f4f5cc9d099/

Allow researchers to share fixes for vulnerabilities privately

Refer to this [report](https://www.huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d/) for more context.

Maintainer finds it difficult to find patch suggestions made by researcher

Please refer to the following [report](https://www.huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d/):

Researcher did not realise that they can reject/close the report themselves

A researcher got in touch via the `@admin` functionality, asking us to close a report on their behalf: https://huntr.dev/bounties/f4997861-5b0b-473f-994c-be29dfd58d9f It seems in this case that it was not clear that...

Make our process obvious to maintainers

Artefacts - [ ] Create a step by step guide - [ ] Place it along their path (somewhere relevant and timely) Core Success Measures - [ ] Maintainer that...

Personal activity log

Prior art is based on the GitHub activity dashboard. - [ ] Display recent messages - [ ] Recent disclosures - [ ] Recent patches - [ ] Recent CVEs