Hello,
a potential security vulnerability has been identified in this repository and reported to us, CERT.PL.
We understand that this project may no longer be actively maintained. However, before the vulnerability is publicly disclosed via CVE, we wanted to give the maintainers an opportunity to review and address the issue.
Since this repository does not provide a dedicated security contact or vulnerability reporting channel, could you please advise on a secure way to share the details privately?
If there is no response within a reasonable timeframe (30 days), the vulnerability may be disclosed according to responsible disclosure practices.
Thank you in advance!
Hello,
a potential security vulnerability has been identified in this repository and reported to us, CERT.PL.
We understand that this project may no longer be actively maintained. However, before the vulnerability is publicly disclosed via CVE, we wanted to give the maintainers an opportunity to review and address the issue.
Since this repository does not provide a dedicated security contact or vulnerability reporting channel, could you please advise on a secure way to share the details privately?
If there is no response within a reasonable timeframe (30 days), the vulnerability may be disclosed according to responsible disclosure practices.
Thank you in advance!