Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Guidelines for reporters #56

Open
Mordil opened this issue Jun 1, 2021 · 1 comment
Open

Security Guidelines for reporters #56

Mordil opened this issue Jun 1, 2021 · 1 comment

Comments

@Mordil
Copy link
Contributor

Mordil commented Jun 1, 2021

It would be nice if the current guide for those reporting vulnerabilities included outlines - or just linked to articles - on what makes a good vulnerability report.

For example this article: https://medium.com/swlh/how-to-write-a-better-vulnerability-report-20163ab913fb

That way we can have a shared point of reference to link to, rather than each project might coming up with their own examples or finding their own articles to link to.
@taladrane
Copy link

hi all from the Advisory Database team 👋 I stumbled upon this issue while doing some Swift vulnerability research and wanted to share this resource that we developed in the Open Source Security Foundation with your security working group! the Guidance for Security Researchers to Coordinate Vulnerability Disclosures with Open Source Software Projects was developed for the community, so please feel free to use it if it's helpful for this issue 😄 GitHub has also recently released a Private Vulnerability Reporting feature that might interest your group in regards to this issue too 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Mordil @taladrane