commitizen-action icon indicating copy to clipboard operation
commitizen-action copied to clipboard
verified publisher icon commitizen-tools

Reporting a vulnerability

Open igibek opened this issue 2 years ago • 2 comments

Hello!

I hope you are doing well!

We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.

Can you enable it, so that we can report it?

Thanks in advance!

PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository

igibek avatar Apr 10 '23 11:04 igibek

I've enabled it. I'm on holiday so it might take it till next week to fix it. @Lee-W if you can please take a look

woile avatar Apr 10 '23 11:04 woile

@woile sure! @igibek please let me know when you report it. we'll see how we can fix that. Thanks!

Lee-W avatar Apr 10 '23 15:04 Lee-W