Alvaro Muñoz opened 3 years ago
|
|||||
Unfortunately, I did not get that report from your security lab. I do get several email regarding security vulnerabilities for used libraries, and either got them fixed or they are not applicable to OneDev. |
|||||
Thanks Robin, Is this address |
|||||
Yes, please send to me. |
|||||
Sent it, please feel free to close this issue. Please consider opening Security advisories for them in the github repo (https://github.com/theonedev/onedev/security/advisories) to be able to collaborate on remmediation and verification. |
|||||
Robin Shen changed state to 'Closed' 3 years ago
|
|||||
Thanks a lot for the detailed report. Will check it. |
|||||
Robin Shen referenced from other issue 2 years ago
|
Type |
Bug
|
Priority |
Critical
|
Assignee | |
Affected Versions |
Not Found
|
Issue Votes (0)
I am a member or the GitHub Security Lab team (https://securitylab.github.com) and we are attempting to reach a security contact for your project.
If such a contact is available, please drop us a line at securitylab@github.com or comment on this issue. We already send the report to
robin@onedev.io
on Nov 5th but got no answer.Kind Regards, Alvaro Munoz GitHub Security Lab