Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security contact #1077

Open
mal-tee opened this issue Jan 23, 2024 · 5 comments
Open

Security contact #1077

mal-tee opened this issue Jan 23, 2024 · 5 comments

Comments

@mal-tee
Copy link

mal-tee commented Jan 23, 2024

Hello maintainer(s),

I am a security researcher from the Institute of Application Security at TU Braunschweig, Germany. We discovered a (potential) security vulnerability in your project.

We would like to report this vulnerability to you in a responsible and ethical manner.
Therefore, we do not want to disclose any details of the vulnerability publicly until you have had a chance to review and fix it.

Could you please let us know your prefered way of receiving security reports?

You can contact us at ias-disclosure@tu-braunschweig.de or by replying to this issue.

Thank you for your attention and cooperation.

@MegaSa1nt
Copy link
Contributor

Hi! Im one of contributors of this project and i have my own fork with many features, could you check it too, please?

https://github.com/MegaSa1nt/GMDprivateServer/tree/listscopy

@mal-tee
Copy link
Author

mal-tee commented Mar 27, 2024

Dear maintainer(s),

I am getting in touch again to ask you for a security contact. We want to disclose a (potential) security vulnerability in your project responsibly. Feel free to respond with your preferred method of disclosure in this issue or via email: ias-disclosure@tu-braunschweig.de

Please note that we anticipate to release our findings later this year.

Thank You


@MegaSa1nt Seems like your fork is affected as well, do you have a dedicated security contact?

@MegaSa1nt
Copy link
Contributor

@mal-tee , i have Discord: МегаСвятой#9096

@Cvolton
Copy link
Owner

Cvolton commented Mar 30, 2024

Hi, apologies for the late response, the normal email address I use for Git unfortunately doesn't currently work as I'm in the middle of a server migration, however I am reachable at cvolton.public@gmail.com, if you wish to report the issue there

@masckmaster2007
Copy link
Contributor

Dear maintainer(s),

I am getting in touch again to ask you for a security contact. We want to disclose a (potential) security vulnerability in your project responsibly. Feel free to respond with your preferred method of disclosure in this issue or via email: ias-disclosure@tu-braunschweig.de

Please note that we anticipate to release our findings later this year.

Thank You


@MegaSa1nt Seems like your fork is affected as well, do you have a dedicated security contact?

I have sent you an email from dimisaio[@]141412.xyz

I am one of the contributors from MegaSa1nt's fork

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants