Private Packagist Bug Bounty Program

Private Packagist encourages users and independent security researchers to report detected security vulnerabilities. We appreciate the work of independent security researchers who review and test our service for security vulnerabilities because it makes Private Packagist more secure. We offer a bug bounty for the report of reproducible and unreported security vulnerabilities.

The amount of the bounty depends on the severity of the vulnerability as determined by Private Packagist and there is no guaranteed right to payment of a bounty.

Recommended Blogs

How I Found SQLI on Dutch Government Website in 20 Minutes

Nasur Ullah

•

Nov 20, 2023

Bug Bounty in Lockdown (SQLi and Business Logic)

Abhishek

•

Jun 24, 2020

Interesting Story of an Account Takeover Vulnerability

Deepanshu

•

Sep 12, 2024