GaiZhenbiao / ChuanhuChatGPT

GUI for ChatGPT API and many LLMs. Supports agents, file-based QA, GPT finetuning and query with web search. All with a neat UI.
https://huggingface.co/spaces/JohnSmith9982/ChuanhuChatGPT
GNU General Public License v3.0
15.15k stars 2.28k forks

Security testing of ChuanhuChatGPT #1026

Open dastaj opened 8 months ago

dastaj commented 8 months ago

Hello,

I am a pentester and security researcher, currently focused on LLM applications. I would like to test this application and then describe vulnerabilities I will find as GHSA issues (probably this will be part of bigger research in the future). I would appreciate it if those vulns could be requested for a CVE from your side, preferably directly from GHSA. What do you think about this idea?

Best Regards, dastaj

dastaj commented 8 months ago

@Keldos-Li @GaiZhenbiao I have been able to find 2 vulnerabilities for now - is it possible to create a GHSA for them?

GaiZhenbiao commented 8 months ago

Private vulnerability reporting is now enabled. We have requested a CVE before. I'm looking forward to making Chuanhu Chat more secure!

dastaj commented 8 months ago

@GaiZhenbiao @Keldos-Li thanks for your response - I will describe my findings at the weekend :)

dastaj commented 8 months ago

@GaiZhenbiao @Keldos-Li I have reported vulns that I was able to find - @GaiZhenbiao should be able to access them.

dastaj commented 7 months ago

@GaiZhenbiao @Keldos-Li I don't see previously reported vulnerabilities :/ @GaiZhenbiao are you able to see them, and are they going to be fixed?

EDIT: I have noticed that this may be some GH issue, as I don't see GHSAs in other repos either