Multiple Security Vulnerabilities (OD-201)

Alvaro Muñoz opened 5 years ago

I am a member or the GitHub Security Lab team (https://securitylab.github.com) and we are attempting to reach a security contact for your project.

If such a contact is available, please drop us a line at [email protected] or comment on this issue. We already send the report to [email protected] on Nov 5th but got no answer.

Kind Regards, Alvaro Munoz GitHub Security Lab

Robin Shen commented 5 years ago

Unfortunately, I did not get that report from your security lab. I do get several email regarding security vulnerabilities for used libraries, and either got them fixed or they are not applicable to OneDev.
Alvaro Muñoz commented 5 years ago

Thanks Robin,

Is this address [email protected] correct? if so, I will send again from my personal account
Robin Shen commented 5 years ago

Yes, please send to me.
Alvaro Muñoz commented 5 years ago

Sent it, please feel free to close this issue. Please consider opening Security advisories for them in the github repo (https://github.com/theonedev/onedev/security/advisories) to be able to collaborate on remmediation and verification.
Robin Shen changed state to 'Closed' 5 years ago
Previous Value Current Value
Open

Closed
Robin Shen commented 5 years ago

Thanks a lot for the detailed report. Will check it.
Robin Shen referenced from other issue 4 years ago

Can't connect 'fixed issues' to builds? (OD-630)

Closed
Login to comment

Previous Value	Current Value
Open	Closed

Type	Bug
Priority	Critical
Assignee	Robin Shen
Affected Versions	Not Found

Issue Votes (0)

Watchers (4)

Reference

OD-201