Cloudsmith

Cloudsmith is a fully-managed solution that gets your teams out of maintenance mode, and brings cloud-native performance to your workflows and operations.

Web2

Bounty

Hall of Fame

Visit Cloudsmith

Please visit the official website for the latest information.

Bug Bounty Program

Cloudsmith aims to keep its Service safe, and data security is of utmost priority. Suppose you are a security researcher and have discovered a security vulnerability in the Service. In that case, we appreciate your help in disclosing it to us privately and letting us fix it before publishing technical details.

In Scope

the Cloudsmith Classic App (the "old" app)
the Cloudsmith Web App (the "new" app)
the Cloudsmith Core API
and the Cloudsmith Corporate Site

Recommended Blogs

Account Takeover - Smoking with 'null'

Jerry Shah

•

Feb 25, 2021

RCE via LFI Log Poisoning - The Death Potion

Jerry Shah

•

Dec 6, 2020

Social Engineering - A 50 Euro Bug

Jerry Shah

•

Jun 22, 2022