Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document how people outside the project can report vulnerabilities #255

Open
AOrthVector opened this issue Nov 28, 2023 · 0 comments
Open

Document how people outside the project can report vulnerabilities #255

AOrthVector opened this issue Nov 28, 2023 · 0 comments
Assignees
@AOrthVector
Labels
silver issues related to moving to OpenSSF silver badge
Milestone
Vulnerability rep...

Comments

@AOrthVector
Copy link
Contributor

AOrthVector commented Nov 28, 2023
edited
Loading

  • The project needs to have a documented process when someone reports a vulnerability
  • Unless the submitter want to be anonymous, credit should be given to the person who found and reported the vulnerability

see this page from Apache as an example

see [#254]
@AOrthVector AOrthVector added the silver issues related to moving to OpenSSF silver badge label Nov 28, 2023
@AOrthVector AOrthVector changed the title Vulnerabilities Document how people outside the project can report vulnerabilities Jul 7, 2024
@AOrthVector AOrthVector self-assigned this Jul 7, 2024
@AOrthVector AOrthVector moved this to Todo in The Road to Gold Sep 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AOrthVector AOrthVector

Labels
silver issues related to moving to OpenSSF silver badge
Projects
Open issues
Status: No status
The Road to Gold
Status: Todo
Milestone
Vulnerability report process
Development

No branches or pull requests
1 participant
@AOrthVector