Multiple Security Vulnerabilities (OD-201)

Closed

Alvaro Muñoz opened 3 years ago

I am a member or the GitHub Security Lab team (https://securitylab.github.com) and we are attempting to reach a security contact for your project.

If such a contact is available, please drop us a line at securitylab@github.com or comment on this issue. We already send the report to robin@onedev.io on Nov 5th but got no answer.

Kind Regards, Alvaro Munoz GitHub Security Lab

Robin Shen commented 3 years ago

Unfortunately, I did not get that report from your security lab. I do get several email regarding security vulnerabilities for used libraries, and either got them fixed or they are not applicable to OneDev.

Alvaro Muñoz commented 3 years ago

Thanks Robin,

Is this address robin@onedev.io correct? if so, I will send again from my personal account

Robin Shen commented 3 years ago

Yes, please send to me.

Alvaro Muñoz commented 3 years ago

Sent it, please feel free to close this issue. Please consider opening Security advisories for them in the github repo (https://github.com/theonedev/onedev/security/advisories) to be able to collaborate on remmediation and verification.

Robin Shen changed state to 'Closed' 3 years ago

Previous Value	Current Value
Open	Closed

Robin Shen commented 3 years ago

Thanks a lot for the detailed report. Will check it.

Robin Shen referenced from other issue 2 years ago

Can't connect 'fixed issues' to builds? (OD-630)

Closed

Type	Bug
Priority	Critical
Assignee	Robin Shen
Affected Versions	Not Found

Issue Votes (0)

Watchers (4)

Reference

OD-201