Open JamieSlome opened 3 years ago
Hi Jamie, thanks a lot, but this project has reached End of Life for around 6 years, not sure how to deal with this issue. You can reach me by using my github name @web.de ! See you Jamie
Hi Jamie, I have built a massive project starting with Huge at its core and working outwards. I'm fairly confident that what I have ended up with is secure, but never say never and just the hint of a problem has me worried. Personally, if there is no way to publicise the issue in private, I would rather you just go ahead and post it on here ...but that's just my opinion.
https://github.com/panique/huge/pull/896 - please refer to.
@panique - alternatively, you can view the advisory here. It is only accessible to you and the researcher.
Hi there,
I couldn't find a
SECURITY.md
in your repository and am not sure how to best contact you privately to disclose a security issue.Can you add a
SECURITY.md
file with an e-mail to your repository, so that our system can send you the vulnerability details? GitHub suggests that a security policy is the best way to make sure security issues are responsibly disclosed.Once you've done that, you should receive an e-mail within the next hour with more info.
Thanks! (cc @huntr-helper)