Closed Sim4n6 closed 1 year ago
That's for your message, @Sim4n6. Since Heron is an Apache project we need to follow the Apache process for reporting vulnerabilities.
You can find more detail here: https://www.apache.org/security/
In sum, I send the report to security@apache.org ?
Yes, thank you.
Hi Incubatore-heron team,
I may have identified a security vulnerability in the latest code source. Could you please consider enabling the "Private reporting of security vulnerability" feature in GitHub, so I could proceed privately?
Many thanks for considering my request.