While sending a security vulnerability to "cve@forums.swift.org", I found the below bounce back reply.
We're sorry, but your email message to ["cve@forums.swift.org"] (titled REDACTED) didn't work.
Your reply was sent from an unknown email address. Try sending from another email address, or contact a staff member.
So, was my email sent or is there any other way to contact the SWIFT security team?
Thanks!
ksluder
(Kyle Sluder)
2
Did you find a security vulnerability in Discord? Or in the web server hosting this Discord instance?
Its in the " swift-corelibs-foundation" source. Is there way I can send it again to some other email ID?
Jumhyn
(Frederick Kellison-Linn)
4
Apple accepts security vulnerability reports via the avenues outlined here. It appears the preferred report mechanism is the web portal, though reports are also accepted to the email product-security@apple.com. You could try those since the "cve@" email does not appear to be working.
cc @mishal_shah would you be the right person to ping about this email (apparently) no longer accepting reports? It's still listed as current on the Swift.org security page.
Hi @RandomDhiraj,
Can you try sending the message again?
Thanks,
Mishal Shah
Thanks Mishal, I have sent it again.
Looks like it was rejected again (Email::Receiver::UserNotFoundError)
Are you able to send message using this link? CVE Message
Thanks! Sorry for the extra work.
I have sent the vulnerability details using the above link.
Thank you!
1 Like
