Set up a security policy
Closed this issue · 4 comments
Hello @nayzo,
I would like to report a security issue with this library but no security policy was defined for the project.
Could you add one: https://github.com/nayzo/NzoUrlEncryptorBundle/security/policy
So that I can report the issue through the right channel.
I the meantime I would advise against using this library.
Thanks
Hello @Techbrunch,
You can report the security issue at: contact [@] alakhefifi [.] com
Thank you in advance.
No security issue detected as far as using the bundle there is no way to decrypt the encrypted text without using the bundle it self !
From an encrypted text you cannot get the original text without using the bundle (which is the whole purpose of the bundle).
You may have found a glitch but it has no effect on the equation and what it's mentioned above !
Thank you anyway.
Closing this issue.
There are actually multiple critical issues with this library, if @nayzo does not contact me I'll make them public.
Email sent, I see the problem. I pushed the fix.
Thanks @Techbrunch