Vulnerabilities

Note

Important! If you find a vulnerability or security issue in one of the libraries we use or elsewhere in the code, please contact us via e-mail at gabor.brs@gmail.com. Please do not use this channel for support.

Reporting vulnerabilities

What is a vulnerability?

Vulnerability is a cyber-security term that refers to a flaw in a system that can leave it open to attack. The vulnerability may also refer to any type of weakness in a computer system itself, in a set of procedures, or in anything that leaves information security exposed to a threat. - by techopedia

In case you found a vulnerability

If you find a vulnerability or security issue in one of the libraries we use or elsewhere in the code, please do not publish it. Instead, contact us via e-mail at gabor.brs@gmail.com. We will take the necessary steps to fix the issue. We handle vulnerabilities privately.

To make report processing easier, please consider the following:

  • Use a clear and expressive subject

  • Have a short, clear, and direct description including the details

  • Include an OWASP link, CVE references, or links to other public advisories and standards

  • Add steps on how to reproduce the issue

  • Describe your environment

  • Attach screenshots if applicable

Note

This article is a pretty good resource on how to report vulnerabilities.

In case you have any further questions regarding vulnerability reporting, feel free to open an issue on GitHub.