Vulnerability Disclosure

Question

Vulnerability Disclosure

spaceraccoon opened this issue 3 years ago · 5 comments

Dear accel-ppp Development Team,

I have filed a vulnerability disclosure by email to contact@accel-ppp.org. Please let me know when it is patched and we can use this issue for tracking purposes.

Thanks!

Answer 1 · 2021-12-28T14:05:10.000Z

Hi @spaceraccoon, could you please send info to dev@accel-ppp.org?

Answer 2 · 2021-12-28T14:43:45.000Z

Hi @DmitriyEshenko , okay, I have sent it. Thanks!

Answer 3 · 2021-12-28T18:29:55.000Z

@spaceraccoon fix proposal is here accel-ppp/accel-ppp#35

Answer 4 · 2021-12-29T00:52:18.000Z

Thanks @svlobanov , could you add one more credit:

Reported-by: Chloe Ong
Reported-by: Eugene Lim spaceraccoon@users.noreply.github.com
Reported-by: Kar Wei Loh

The patched code looks fine.

Thank you!

Answer 5 · 2022-01-24T03:25:14.000Z

Hi @DmitriyEshenko @svlobanov, we will be assigning CVEs on our end for this issue to save you time. Thanks!