[keycloak-dev] How to report security problem
Thomas Darimont
thomas.darimont at googlemail.com
Wed Oct 12 03:54:50 EDT 2016
Hello,
just a quick follow-up IIRC there was also a link with something like
"Found a Security issue? report it here" on the keycloak.org
website a while ago - might also have been the website of the Red Hat SSO
product. Anyways keycloak.org should have a
more visible link / section with details about reporting security issues.
Cheers,
Thomas
2016-10-12 9:36 GMT+02:00 Thomas Darimont <thomas.darimont at googlemail.com>:
> Hello Hiroyuki,
>
> Just create a new issue here https://issues.jboss.org/projects/KEYCLOAK
> Mark it as Security Sensitive Issue (x) This issue is security relevant.
>
> Cheers,
> Thomas
>
> 2016-10-12 9:30 GMT+02:00 Hiroyuki Wada <wadahiro at gmail.com>:
>
>> Hello,
>>
>> I have security concern in Keycloak server. It might be a vulnerability.
>> Where should I report this problem?
>>
>>
>> Regards,
>>
>> --
>> Hiroyuki Wada,
>> Developer,
>> Nomura Research Institute, Ltd.
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
>
More information about the keycloak-dev
mailing list