Report a Security Vulnerability #680
Comments
|
done |
|
Thanks! Friendly heads up that this vulnerability disclosure follows the Open Source Security Foundation (OSSF) Model Outbound Vulnerability Disclosure Policy: Version 0.1. |
|
Friendly ping, please take a look: https://github.com/PebbleTemplates/pebble/security/advisories/GHSA-7c6h-hmf9-7wj7 |
|
@ebussieres friendly heads up that the disclosure deadline has lapsed and full disclosure of the unfixed vulnerability will occur within the next week. |
|
Publicly disclosed here: GHSA-p75g-cxfj-7wrx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
My name is Jonathan Leitschuh, I'm a Principal Software Security Researcher at Chainguard. I'd like to report a potential security vulnerability in the Pebble template engine.
Would you be so kind as to enable GitHub Private Vulnerability Reporting? I'd like to privately disclose the details to you there.
https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability
The text was updated successfully, but these errors were encountered: