Oreoxmt
commented
1 year ago Dear submitter,
We would like to thank you for bringing to our attention the vulnerability in our system. Please be assured that we take security matters very seriously and are committed to addressing any issues as quickly and efficiently as possible.
We currently have a dedicated vulnerability submission channel available to the public. Detailed submission guidelines and the submission channel can be found at https://www.pingcap.com/security/ for further information.
Once again, thank you for your attention to this matter. We truly value your contribution to improving the security of our system, and we look forward to working with you to make it even better.
Best regards,
The PingCAP Team
Hello!
I hope you are doing well!
We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.
Can you enable it, so that we can report it?
Thanks in advance!
PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository