#fediversesecurityfund — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #fediversesecurityfund, aggregated by home.social.
-
@nivenly, an organization that supports open-source services and projects, has launched the Fediverse Security Fund. This member-supported program will pay people who identify and fix security vulnerabilities that might affect fediverse services and apps. “Part of the program is…education for project leads, helping them understand why responsible disclosure practices for security vulnerabilities are important,” open source contributor @thisismissem told @Sarahp. Here's her story for @TechCrunch
#Fediverse #OpenSource #OpenSocialWeb #NivenlyFoundation #FediverseSecurityFund
-
This is a program that I've been championing within @nivenly over the past year, after we noticed that security vulnerabilities weren't being disclosed responsibly, and not enough research was going into the security of Fediverse software.
You might remember my Pixelfed vulnerability from last year, where OAuth scopes weren't checked allowing for privilege escalation via the API (CVE-2024-25108), that was our very first test-case of this program.
I'm incredibly proud to be involved in launching the Fediverse Security Fund from Nivenly Foundation (a 501(c)4 not-for-profit cooperative)
-
This is a program that I've been championing within @nivenly over the past year, after we noticed that security vulnerabilities weren't being disclosed responsibly, and not enough research was going into the security of Fediverse software.
You might remember my Pixelfed vulnerability from last year, where OAuth scopes weren't checked allowing for privilege escalation via the API (CVE-2024-25108), that was our very first test-case of this program.
I'm incredibly proud to be involved in launching the Fediverse Security Fund from Nivenly Foundation (a 501(c)4 not-for-profit cooperative)
-
This is a program that I've been championing within @nivenly over the past year, after we noticed that security vulnerabilities weren't being disclosed responsibly, and not enough research was going into the security of Fediverse software.
You might remember my Pixelfed vulnerability from last year, where OAuth scopes weren't checked allowing for privilege escalation via the API (CVE-2024-25108), that was our very first test-case of this program.
I'm incredibly proud to be involved in launching the Fediverse Security Fund from Nivenly Foundation (a 501(c)4 not-for-profit cooperative)
-
This is a program that I've been championing within @nivenly over the past year, after we noticed that security vulnerabilities weren't being disclosed responsibly, and not enough research was going into the security of Fediverse software.
You might remember my Pixelfed vulnerability from last year, where OAuth scopes weren't checked allowing for privilege escalation via the API (CVE-2024-25108), that was our very first test-case of this program.
I'm incredibly proud to be involved in launching the Fediverse Security Fund from Nivenly Foundation (a 501(c)4 not-for-profit cooperative)
-
This is a program that I've been championing within @nivenly over the past year, after we noticed that security vulnerabilities weren't being disclosed responsibly, and not enough research was going into the security of Fediverse software.
You might remember my Pixelfed vulnerability from last year, where OAuth scopes weren't checked allowing for privilege escalation via the API (CVE-2024-25108), that was our very first test-case of this program.
I'm incredibly proud to be involved in launching the Fediverse Security Fund from Nivenly Foundation (a 501(c)4 not-for-profit cooperative)