Please Open a Security Advisory

Question

Please Open a Security Advisory

JLLeitschuh opened this issue 4 years ago · 4 comments

Hello,

I'm an independent security researcher performing security research under the GitHub Security Lab Bug Bounty Program. I believe I may have found a security vulnerability in this project.

Please open a security advisory against this repository so we can privately discuss the details. This advisory can be opened by a user with admin permissions on this repository.

https://github.com/google/data-transfer-project/security/advisories

Answer 1 · 2021-03-03T17:15:51.000Z

Hiya! thanks we've received this report internally and are working on a fix!

Answer 2 · 2021-03-04T23:31:23.000Z

Hi,
How can I best track this to completion?

Answer 3 · 2021-03-10T20:00:39.000Z

Hey! Sorry for the miscommunication, this is being tracked as a regular issue since the code is self contained - we'll be working on it when we get open cycles

I've opened up #968 to track this - lmk if you still have any questions!

Answer 4 · 2021-04-07T17:55:09.000Z

What's the plan for CVE issuance on this vulnerability?