Skip to content
This repository has been archived by the owner on Oct 12, 2017. It is now read-only.

cherrypy/tools-legacy

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Reporting Vulnerabilities

⚠️ Please do not file public GitHub issues for security vulnerabilities as they are open for everyone to see! ⚠️

We encourage responsible disclosure practices for security vulnerabilities.

Reporting a Vulnerability

If you believe you've found a security-related bug, fill out a new vulnerability report via GitHub directly. To do so, follow these instructions:

  1. Click on the Security tab in the project repository.
  2. Click the green Report a vulnerability button at the top right corner.
  3. Fill in the form as accurately as you can, including as many details as possible.
  4. Click the green Submit report button at the bottom.

Don't Have A GitHub Account?

Alternatively, drop an email to our ?subject=[Security issue report] [PROJECT_NAME] SHORT TITLE...&body=I am writing to inform you that PROJECT_NAME has a pottential vulnerability and here are extremely detailed steps of how to exploit this dangerous behavior: 1. 2. 3. ">CherryPy security mailbox instead of filing a ticket or posting to any public groups. It is currently set up to forward every incoming letter to both Jason R. Coombs and Sviatoslav Sydorenko. You can choose to email us directly. We will try to assess the problem in timely manner and disclose it in a responsible way.

A Tidelift Subscriber?

If you prefer to, you may also report a security vulnerability through the Tidelift security contact. Tidelift will coordinate the fix and disclosure. This is not the maintainers' first preference, though. Please, use the GitHub's vulnerability reporting option, whenever possible.

About

No description, website, or topics provided.

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages