Hi, I found a security issue affecting this repo and do not want to post exploit details publicly. Is there a preferred private security contact or can GitHub private vulnerability reporting be enabled?
High-level, non-sensitive summary only: this concerns file/path handling and image URL fetching behavior in image tooling. I have not posted exploit details here.
Hi, I found a security issue affecting this repo and do not want to post exploit details publicly. Is there a preferred private security contact or can GitHub private vulnerability reporting be enabled?
High-level, non-sensitive summary only: this concerns file/path handling and image URL fetching behavior in image tooling. I have not posted exploit details here.