Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security Contact #2267

Open
bronallo-bd opened this issue Jan 24, 2023 · 2 comments
Open

Security Contact #2267

bronallo-bd opened this issue Jan 24, 2023 · 2 comments

Comments

@bronallo-bd
Copy link

Hello,

Synopsys' Cybersecurity Research Center (CyRC) has identified vulnerabilities within the code base that we would like to responsibly disclose.

@manolama I've attempted to engage you directly through email, but haven't received any response. Could you please recommend an individual who can receive the details?

@manolama
Copy link
Member

manolama commented Jan 27, 2023 via email

@bronallo-bd
Copy link
Author

@manolama do you have any updates on this matter?

manolama added a commit to manolama/opentsdb that referenced this issue Apr 11, 2023
Escaping the user supplied input when outputing the HTML for the old BadRequest
HTML handlers should help. Thanks to the reporters.
Fixes CVE-2018-13003.
manolama added a commit to manolama/opentsdb that referenced this issue Apr 11, 2023
Escaping the user supplied input when outputing the HTML for the old BadRequest
HTML handlers should help. Thanks to the reporters.
Fixes CVE-2018-13003.
manolama added a commit to manolama/opentsdb that referenced this issue Apr 11, 2023
Escaping the user supplied input when outputing the HTML for the old BadRequest
HTML handlers should help. Thanks to the reporters.
Fixes CVE-2018-13003.
manolama added a commit to manolama/opentsdb that referenced this issue Apr 11, 2023
Escaping the user supplied input when outputing the HTML for the old BadRequest
HTML handlers should help. Thanks to the reporters.
Fixes CVE-2018-13003.
manolama added a commit that referenced this issue Apr 11, 2023
Escaping the user supplied input when outputing the HTML for the old BadRequest
HTML handlers should help. Thanks to the reporters.
Fixes CVE-2018-13003.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants