Skip to content

Security: yarysp/rengine-ng

Security

.github/SECURITY.md

Security Policy

huntr

Security Researchers, welcome onboard! I am excited to announce bug bounty program for reNgine in collaboration with huntr.dev, this means you'll be rewarded for any security vulnerabilities discovered in reNgine.

Thank you for your interest in reporting vulnerabilities to reNgine! If you are aware of potential security vulnerabilities within reNgine, we encourage you to report immediately via huntr.dev

Please do not disclose any vulnerabilities via Github Issues/Blogs/Tweets after/before reporting on huntr.dev as it is explicitly against huntr.dev and reNgine disclosure policy and will not be eligible for monetary rewards.

Please note that the maintainer of reNgine does not determine the bounty amount. The bounty reward is determined by industry-first equation from huntr.dev to understand the popularity, impact and value of repositories to the open source community.

What do we expect from security researchers?

  • Patience: Please note that currently I am the only maintainer in reNgine and will take sometime to validate your report. I request your patience throughout the process.
  • Respect Privacy and Security Reports: Please do not disclose any vulnerabilities in public (this also includes github issues) before or after reporting on huntr.dev! That is against the disclosure policy and will not be eligible for monetary rewards.
  • Respect the rules

What do I get in return?

  • Much thanks from Maintainer
  • Monetary Rewards
  • CVE ID(s)

Please find the FAQ and Responsible disclosure policy from huntr.dev.

Past Security Vulnerabilities

Thanks to these individuals for reporting Security Issues in reNgine.

2022

2021

reNgine thanks the following people for making a responsible disclosure and helping the community make reNgine safer!

There aren’t any published security advisories