2 matches found
HackerOne: Being able to disclose IBB bounty table of any public program
A private Internet Bug Bounty IBB bounty table was disclosed. The IBB bounty table contained information about the reward amounts for critical, high, medium, and low vulnerabilities in open-source projects...
Internet Bug Bounty: RCE via ssh:// URIs in multiple VCS
I'd like to submit an RCE issue within Git SVN and Mercurial, the CVEs are: CVE-2017-9800 Subversion CVE-2017-1000116 Mercurial hg CVE-2017-1000117 Git Further Info can be found at: http://blog.recurity-labs.com/2017-08-10/scm-vulns And product specific:...