-
Notifications
You must be signed in to change notification settings - Fork 6.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Easy Money] ClickHouse Bug Bounty Program #38986
Labels
Comments
alexey-milovidov
changed the title
ClickHouse Bug Bounty Program
[Easy Money] ClickHouse Bug Bounty Program
Oct 19, 2022
Sorry for unrelated question to @alexey-milovidov , did you use ChatGPT to generate some portion of the above text? |
No. |
Chat GPT - since November 30, 2022. |
This was referenced Nov 15, 2023
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
ClickHouse has a bug-bounty program. Apply at https://bugcrowd.com/clickhouse
Note: it is not necessary to use the Bugcrowd service. This is optional and only needed if you need a chance to get a monetary reward. If you just want to report a vulnerability, you can send it to security@clickhouse.com, and we will ensure you get a proper acknowledgment after disclosure. See SECURITY.md for more details.
We want to encourage researchers to find and report security vulnerabilities, stability issues, and bugs in ClickHouse.
The reports are qualified for a bug bounty program if the following conditions are met:
If the issue is not qualified for the bug bounty program, it still should be reported to security@clickhouse.com or publicly on GitHub issues.
The bugs are classified by severity according to the following guidelines:
The severity is considered lower if the issue:
The reports are also classified by the number of details. If finding a bug requires a special testing methodology or tools, we would appreciate it if these will be described in the report, so we can improve our infrastructure. If the report covers mitigation guidelines or a fix, it is also appreciated.
The text was updated successfully, but these errors were encountered: