hrldcpr
commented
6 years ago Hi Ignasi, please use the email in my github profile. And thanks for bug-finding and discretion!
Open ignasi35 opened 6 years ago
hrldcpr
commented
6 years ago Hi Ignasi, please use the email in my github profile. And thanks for bug-finding and discretion!
bowbahdoe
commented
4 years ago If this situation is resolved, can the ticket be closed? Or is the situation that led to the DoS still an open issue?
hrldcpr
commented
4 years ago Thanks for checking on this, sad to say the issue still exists. It's quite a lot of work to fix though, but also isn't super critical in my opinion (Java Collections had the same issue for at least a decade).
I'll see if I can open some issues that would help lead to fixing it, and maybe someone can take a crack at it.
gurshafriri
commented
4 years ago 👋 @hrldcpr in the meantime can you elaborate more on the issue at hand? we (at snyk) would like to add it to our vulnerability db if it is valid.
I'd rather not disclose details yet to prevent zero-day.
@hrldcpr what is your preferred channel to report security-related issues?