Reporting a vulnerability

[igibek]

Hello!

I hope you are doing well!

We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.

Can you enable it, so that we can report it?

Thanks in advance!

PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository

[thanasisk]

@igibek thank you for reaching out. Please email [email protected] with your findings. If the content is extremely sensitive, feel free to GPG it. My personal GPG key is:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEZA73cBYJKwYBBAHaRw8BAQdAU6GRbFIRZ/HyMVg6Mnb9YAf6AsfmXem9tSiu
tgL+jza0TUF0aGFuYXNpb3MgS29zdG9wb3Vsb3MgKEF0aGFuYXNpb3MnIFRpbWVz
Y2FsZSBLZXkpIDxhdGhhbmFzaW9zQHRpbWVzY2FsZS5jb20+iJkEExYKAEEWIQQQ
Eni4Lpa/Ik+MiPZaqMuzCN/lBwUCZA73cAIbAwUJAd/iAAULCQgHAgIiAgYVCgkI
CwIEFgIDAQIeBwIXgAAKCRBaqMuzCN/lB4/RAQCjp4UQcxxqm0TEw+YnFaxpgXmu
ozDm6p+lGP/9FSojdgEA4hkjP0H/E/NxQvJRuqKSNLjG0Bf+iLHkaATXjrMouwm4
OARkDvdwEgorBgEEAZdVAQUBAQdAYzl3AjIZVqS1yNFk1Dun+9iJ2iwFUZTbTTZc
YcTx0goDAQgHiH4EGBYKACYWIQQQEni4Lpa/Ik+MiPZaqMuzCN/lBwUCZA73cAIb
DAUJAd/iAAAKCRBaqMuzCN/lB79qAP9clLF4366q8ULJcqp4AlfRTAPajJf7CWdp
h/Km8NnqXAEA+17yiKIt8lTCqkABRKbWPDc2d4rCbVtLtT8ysiVHQw4=
=X+rV
-----END PGP PUBLIC KEY BLOCK-----