search

manios / docker-nagios

Docker image for Nagios Core in Alpine Linux with basic plugins, available for x86, x64 , ARM v6, ARM v7 and ARM64.
https://www.nagios.org/
Other
60 stars 28 forks source link

Reporting a vulnerability #56

Closed igibek closed 3 months ago

igibek commented 1 year ago

Hello!

I hope you are doing well!

We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.

Can you enable it, so that we can report it?

Thanks in advance!

PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository

manios commented 1 year ago

Hi @igibek !

I have enabled the feature Private vulnerability reporting for this repository. However I strongly advise that you describe the vulnerability in this issue as this repository is open source and not funded by someone. You can report now it if you want. Please describe the steps to reproduce it and possible fixes.

Thanks, Christos

manios commented 3 months ago

Closing after more than one year of inactivity and no answer from author @igibek .