starred/ArchiveBox

Fork 0

mirror of https://github.com/ArchiveBox/ArchiveBox.git synced 2026-04-26 01:26:00 +03:00

[GH-ISSUE #934] Who to contact for security issues #3597

New issue

Closed

opened 2026-03-14 23:39:14 +03:00 by kerem · 3 comments

kerem commented

2026-03-14 23:39:14 +03:00

Owner

Originally created by @JamieSlome on GitHub (Feb 23, 2022).
Original GitHub issue: https://github.com/ArchiveBox/ArchiveBox/issues/934

Hey there!

I belong to an open source security research community, and a member (@noobexploiterhuntrdev) has found an issue, but doesn’t know the best way to disclose it.

If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

Thank you for your consideration, and I look forward to hearing from you!

(cc @huntr-helper)

Originally created by @JamieSlome on GitHub (Feb 23, 2022). Original GitHub issue: https://github.com/ArchiveBox/ArchiveBox/issues/934 Hey there! I belong to an open source security research community, and a member (@noobexploiterhuntrdev) has found an issue, but doesn’t know the best way to disclose it. If not a hassle, might you kindly add a `SECURITY.md` file with an email, or another contact method? GitHub [recommends](https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository) this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future. Thank you for your consideration, and I look forward to hearing from you! (cc @huntr-helper)

kerem

2026-03-14 23:39:14 +03:00

closed this issue
added the
why: security
label

kerem commented

2026-03-14 23:39:29 +03:00

Author

Owner

@pirate commented on GitHub (Mar 13, 2022):

email: <REDACTED> (use this page instead now) or twitter DM @ArchiveBoxApp

@pirate commented on GitHub (Mar 13, 2022): email: `<REDACTED>` (use [this page](https://github.com/ArchiveBox/ArchiveBox/security) instead now) or twitter DM `@ArchiveBoxApp`

kerem commented

2026-03-14 23:39:34 +03:00

Author

Owner

@JamieSlome commented on GitHub (Mar 13, 2022):

@pirate - thanks for sharing this 👍

I will get an e-mail over to you shortly. In the meantime, you can view the reports directly here:
https://huntr.dev/bounties/a640b898-4350-4289-84e9-8dc3f5f15e48/
https://huntr.dev/bounties/104c4e7f-6301-46f1-94e2-aa8aba0a07fe/

They are both private and only accessible to maintainers with repository write permissions. If you have any questions, let me know.

@JamieSlome commented on GitHub (Mar 13, 2022): @pirate - thanks for sharing this 👍 I will get an e-mail over to you shortly. In the meantime, you can view the reports directly here: https://huntr.dev/bounties/a640b898-4350-4289-84e9-8dc3f5f15e48/ https://huntr.dev/bounties/104c4e7f-6301-46f1-94e2-aa8aba0a07fe/ They are both private and only accessible to maintainers with repository write permissions. If you have any questions, let me know.

kerem commented

2026-03-14 23:39:40 +03:00

Author

Owner

@pirate commented on GitHub (Jan 19, 2024):

For anyone who sees this in the future, security reports are now handled through github: https://github.com/ArchiveBox/ArchiveBox/security

@pirate commented on GitHub (Jan 19, 2024): For anyone who sees this in the future, security reports are now handled through github: https://github.com/ArchiveBox/ArchiveBox/security

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/ArchiveBox#3597

No description provided.

Rows
Columns