Reporting a vulnerability

[igibek]

Hello!

I hope you are doing well!

We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.

Can you enable it, so that we can report it?

Thanks in advance!

PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository

[iapain]

Hi Igibek,

Thanks for this! I've enabled private vulnerability reporting. You may now report this to us.

Cheers, Deepak

On Mon, Apr 10, 2023 at 1:10 PM Igibek Koishybayev @.***> wrote:

Hello!

I hope you are doing well!

We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.

Can you enable it, so that we can report it?

Thanks in advance!

PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository

— Reply to this email directly, view it on GitHub https://github.com/fagbokforlaget/simple-fs/issues/53, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAIUVL5KQ27YWOFJEHPKK3XAPTBFANCNFSM6AAAAAAWY3WATU . You are receiving this because you are subscribed to this thread.Message ID: @.***>

-- Deepak Thukral http://iapa.in @.***