ossf / wg-vulnerability-disclosures

The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by helping mature and advocate well-managed vulnerability reporting and communication.
https://openssf.org
Apache License 2.0

Create vulnerability_report.md #112

Closed u269c closed 2 years ago

u269c commented 2 years ago

Adding a template for researchers as well.

This could potentially also be provided on the security policy for GH projects so as to standardize a little bit of the reporting.

Issue: https://github.com/ossf/wg-vulnerability-disclosures/issues/110

EdOverflow commented 2 years ago

Reporters frequently include a section on how to resolve the reported issue. Maybe it would be worth including a subheading for "Suggested Fix"?

crystalhazen commented 2 years ago

Agree, @EdOverflow. That would be a great addition!

u269c commented 2 years ago

Good idea @EdOverflow and @crystalhazen - added a little thing.

SecurityCRob commented 2 years ago

CRob approves