Hi π β I've identified a security issue in @adonisjs/bodyparser that I'd like to report privately, following responsible-disclosure practice.
I tried GitHub's Private Vulnerability Reporting, but it appears to be disabled for this repository, and I couldn't find a SECURITY.md or a dedicated security contact for the project.
Could you either:
- Enable Private Vulnerability Reporting for this repo (Settings β Advanced Security β Private vulnerability reporting), which lets me submit the full details through a private GitHub security advisory draft; or
- Share a security contact (email or preferred channel) I can send the report to.
I'm intentionally not including any technical details here to avoid public disclosure before you've had a chance to review. Happy to provide everything β root cause, PoC, affected versions, and a suggested fix β as soon as a private channel is available.
Thanks for your work on AdonisJS!
Hi π β I've identified a security issue in
@adonisjs/bodyparserthat I'd like to report privately, following responsible-disclosure practice.I tried GitHub's Private Vulnerability Reporting, but it appears to be disabled for this repository, and I couldn't find a
SECURITY.mdor a dedicated security contact for the project.Could you either:
I'm intentionally not including any technical details here to avoid public disclosure before you've had a chance to review. Happy to provide everything β root cause, PoC, affected versions, and a suggested fix β as soon as a private channel is available.
Thanks for your work on AdonisJS!