A security vulnerability may cause whole cluster been hijacked

[kaaass]

Description

Hi community! I found a vulnerability in openebs and reported it privately with respect to the security policy one week ago. But I didn't receive any response. This is not urging, I just wanted to ask if I haven't been successful in getting in touch with the maintainer (e.g. maybe the email is recognized as spam). I apologize if this issue has caused any trouble.

[tiagolobocastro]

Hi, I'm a maintainer. Which email are you using? (I mean whom are you sending it to)

[kaaass]

Thank you for reply! I'm using: vishnu.attur AT datacore.com, orville.wright AT yahoo.com, purkaitabhinandan AT gmail.com.

[tiagolobocastro]

@avishnu @Abhinandan-Purkait could you please forward me the email as well? Thanks

[Abhinandan-Purkait]

I have forwarded it to you, please check.

…

On Thu, 4 Jul 2024 at 15:06, Tiago Castro ***@***.***> wrote: @avishnu <https://github.com/avishnu> @Abhinandan-Purkait <https://github.com/Abhinandan-Purkait> could you please forward me the email as well? Thanks — Reply to this email directly, view it on GitHub <#700>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AHUGHK3C6IFKDPCWRY35LATZKUJQ7AVCNFSM6AAAAABKK56TG6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDEMBYGUZTSMBYGM> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[kaaass]

Sorry for the rushing, may I ask is there any update on this issue?

[github-actions]

Issues go stale after 90d of inactivity. Please comment or re-open the issue if you are still interested in getting this issue fixed.

[github-actions]

Issues go stale after 90d of inactivity. Please comment or re-open the issue if you are still interested in getting this issue fixed.

[avishnu]

Transferring this issue to the NDM repo, as this pertains to NDM.