Thank you very much for keeping us in the loop. Could you please email detailed vulnerabilities to the private [email protected] list? Production security engineers will evaluate the vulnerability within 3 workdays.
gRPC CVE process can be found in https://github.com/grpc/proposal/blob/master/P4-grpc-cve-process.md Thanks, Jiangtao On Wednesday, August 21, 2019 at 3:18:58 AM UTC-7, [email protected] wrote: > > Hi, > > Our team has recently discovered a Null Pointer Dereference security > vulnerability in gRPC. > > How do we disclose it and open a CVE. > > Thanks! > -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/e43d36ab-5a99-46bc-b654-a24ea984a6a8%40googlegroups.com.
