search

afichet / openexr-viewer

Simple viewer for OpenEXR files with detailed metadata display
BSD 3-Clause "New" or "Revised" License
92 stars 6 forks source link

Vulnerability in openexr-viewer #43

Closed GAP-dev closed 8 months ago

GAP-dev commented 10 months ago

Hello, I found vulnerability in openexr-viewer. Where can i report this?

GAP-dev commented 8 months ago

oh, I will check now.

GAP-dev commented 8 months ago

It seems perfect! I would like to submit a CVE request.

afichet commented 8 months ago

Thanks a lot for your issue and your help! Currently pushing the updated version.

Regarding the CVE request, I am not familiar with this process. Does this require action on my end?

GAP-dev commented 8 months ago

The best way is to enable security.md in github. If you enable security.md, I will report again through github security advisory.

Screenshot 2023-12-10 at 10 32 11 AM
afichet commented 8 months ago

Thanks for the screenshot! I've approved the request and the review for a CVE. Let me know if there is additional action needed from my part. I'll reopen the issue if that's the case. Cheers.