Security report follow-up #9995
-
|
Hi, I hope you're doing well. A little while ago, I submitted a security vulnerability report to I completely understand that security reports may take time to review. I just wanted to check whether my email was successfully received and reached the appropriate team. I'm intentionally not sharing any technical details here, as I'd prefer to keep the report private until it has been reviewed. Whenever someone has a chance, I'd appreciate a confirmation that the report was received. Thank you. |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 5 replies
-
|
That email address is unfortunately not reaching any active maintainers at the moment... I know that this is the one mentioned in our security policy, but we need to review this document. Are you able to report it using this link? https://github.com/encode/django-rest-framework/security/advisories/new That might be a better route forward, as it provides some tools to help fixing |
Beta Was this translation helpful? Give feedback.
-
|
@browniebroke it's showing 404 |
Beta Was this translation helpful? Give feedback.
That email address is unfortunately not reaching any active maintainers at the moment... I know that this is the one mentioned in our security policy, but we need to review this document.
Are you able to report it using this link? https://github.com/encode/django-rest-framework/security/advisories/new
That might be a better route forward, as it provides some tools to help fixing