Vulnerability Acknowledgements for Red Hat online services

Updated -

Red Hat would like to thank the following individuals and organisations that have privately reported security issues that affected Red Hat branded websites or online services and agreed to be listed.

To report an issue in any Red Hat branded website or online service please contact site-security@redhat.com. Red Hat Information Security, in its sole discretion, will make the final decision about granting, refusing, and publishing credits, as well as their form and content, and applying the rules listed below. Please allow a reasonable time (1-2 business days) for a response after reporting.

Mail sent to site-security@redhat.com can be encrypted with the PGP key 0x50EB9D550CFE2855:
https://keys.openpgp.org/vks/v1/by-fingerprint/A92DF9F915995C7419045F6C50EB9D550CFE2855

We will refuse credits where researchers breach the rules below or do not otherwise behave responsibly and ethically:

  • Reports we do not class as security issues are not eligible for an acknowledgement on this page; these include but are not limited to:

    • Directory Listings and FTP sites. Our products are based on open source components and we make certain content available using directory listings and via anonymous FTP. Please only report these if you find (what can reasonably be assessed as) non-public content being exposed

    • Version Numbers. We do not hide the version numbers of online service components and you should expect these will not be the latest upstream versions.

    • Secure Certificate Issues (mismatched host names, expired certificates, support for older protocols such as SSLv3)

    • Reports from automated tools or scanners without manual verification and analysis

    • Theoretical attacks without proof of exploitability

    • Brute force attacks (e.g. on passwords or tokens)

    • Attacks involving any user accounts not created by you

    • Attacks involving physical access to a user's device, or involving a device or network that is already compromised

    • Missing security headers that do not lead directly to a vulnerability

    • Clickjacking

    • Cookies missing secure or HttpOnly flags

    • Bugs that rely on an unlikely user interaction

    • Issues that are the result of a user deliberately performing an insecure action (like sharing their password or API tokens publicly)

    • Social engineering of Red Hat staff or users

    • Issues related to password and account recovery processes

  • Some Red Hat branded services are operated by third parties. If you notify us about security issues on such sites we will coordinate fixes with the affected vendors and acknowledgements maybe given by those vendors or under their rules.

  • Some security issues may be due to underlying vulnerabilities in third-party applications that we use. In these cases we will coordinate fixes with the application vendor and acknowledgements maybe given by those vendors or on our CVE dictionary pages.

  • We expect you to make a good faith effort to avoid privacy violations, destruction of data, or degradation to our service during your research. Please avoid using tools that are likely to automatically generate significant volumes of traffic or otherwise cause operational problems for our sites.

2023 Acknowledgements:

  • Vinit Lakra (https://www.linkedin.com/in/vinithacker)
  • Shubham Choudhery (https://www.linkedin.com/in/shubham-choudhery/)
  • Shivankar Madaan (https://www.linkedin.com/in/shivankar-madaan-16155a15a/)
  • Anmol Kumar (r0gue302) (https://www.linkedin.com/in/anmolkumar3244)
  • Vikas Singh (https://www.linkedin.com/in/vikas-singh-295333159)
  • Sahil Prasad (JustSahil) (https://www.linkedin.com/in/sahil-prasad/)
  • kukuruza (https://hackerone.com/kukuruza?type=user-)
  • freedfr0md3sire (https://hackerone.com/freedfr0md3sire?type=user)
  • Deepak (https://twitter.com/bug_vs_me)
  • Rushabh Vyas (https://www.linkedin.com/in/rushabhvyas)

2022 Acknowledgements:

  • Dinesh Kumar (dhina016)
  • Sokol Cavdarbasha (@sokolicav)
  • Yash Devkate (https://in.linkedin.com/in/yash-devkate-644aa120a) (https://twitter.com/rootxyash)
  • Saransh Saraf (MR23R0) (https://www.linkedin.com/in/saransh-saraf-2b514b20b)
  • Dzmitry Smaliak (@haxxm0nkey)
  • Momen Eldawakhly (Cypro AB), (https://www.linkedin.com/in/momen-eldawakhly-3b6250204)
  • Keshav Patidar (@ke5h4v) (https://www.linkedin.com/in/keshav-patidar)
  • Cuong Van Bui (https://nsbvc.blogspot.com/) - VNCERT/CC
  • Pankaj Kumar Thakur (https://www.linkedin.com/in/pankaj1261) [2 flaws]
  • Eslam Akl (https://www.linkedin.com/in/eslam3kl)
  • Malvik Chauhan (@ChauhanMalvik) (https://www.linkedin.com/in/malvikchauhan) [2 flaws]
  • Aman Mahendra (https://twitter.com/amanmahendra_)
  • Pooja Rani (https://www.linkedin.com/in/pooja-rani-8048822b/) (https://www.facebook.com/poojawww/)
  • Gaurav Kumar (https://twitter.com/gdattacker) (https://www.facebook.com/drago4344)
  • Ramansh Sharma (https://www.linkedin.com/in/ramansh-sharma/) [2 flaws]
  • Mohammad Hosein Askari (https://www.linkedin.com/in/mohammadhoseinaskari)
  • Rohit Sharma (https://www.linkedin.com/in/r0x5r/)
  • Lakshaya Bawa (https://www.linkedin.com/in/lakshayabawa)
  • Mukesh Kumar (@wireghost) (https://www.linkedin.com/in/mukesh-kumar-1306s2707)
  • Severus of VietSunshine Security Engineering Team (www.vietsunshine.com.vn)
  • Krishna Agarwal (@Kr1shna4garwal) https://www.linkedin.com/in/kr1shna4garwal
  • Hemant kashyap (cyber__hawk) (https://www.linkedin.com/in/hemant-kashyap-714564199)
  • Ozan Olali – IBM Security
  • Tuan Nguyen (@nhiephon) (https://twitter.com/_nhiephon)
  • Ritik Jangra (https://www.linkedin.com/in/ritik-jangra-03b80a21b)
  • Muhammad Khizer Javed (https://www.linkedin.com/in/muhammad-khizer-javed/)
  • Yash kushwah (@cyberyash951) (https://www.linkedin.com/mwlite/in/yash-kushwah-a80449229)
  • Johan Carlsson (@joaxcar)

2021 Acknowledgements:

  • Shripad Rachha (@protector_5512) (https://www.linkedin.com/m/in/shripad-rachha-0782441ab)
  • Mikhail Tolkonyuk (https://www.linkedin.com/in/mtolkonyuk/)
  • Alan Abhilash (https://twitter.com/alan_abhilash)
  • Muhammed Mustafa Korany (https://twitter.com/MuhammedKoraany)
  • Akash Rajendra Patil (https://www.linkedin.com/in/akashpatil98/)
  • Gourab Sadhukhan (https://www.linkedin.com/in/gourab-sadhukhan-71158216a)
  • Omar Bheda (https://twitter.com/obheda12 https://linkedin.com/in/omarbheda)
  • Chen Cohen ( https://www.linkedin.com/in/chen-cohen/ @eBay ) [2 flaws]
  • Jasmin Shaikh (@jasmin_jazz16) (https://www.linkedin.com/in/jasmin-shaikh-082a3a11a/)
  • Christian Schlüter (VIADA)
  • Mohammad Hosein Askari (https://www.linkedin.com/in/mohammadhoseinaskari) [2 flaws]
  • Naman Shah (www.twitter.com/naman_1910)
  • posix (https://twitter.com/po6ix)
  • Omar Amin (Secare.io Research Team | https://twitter.com/oomniipotentt)
  • Sheikh Rishad (https://twitter.com/sheikhrishad0)
  • Harinder Singh (S1N6H | https://www.linkedin.com/in/lambardar/)
  • Oumeir Saifedeen (o.s.bughunter (at) gmail.com | xjohncode (at) gmail.com)
  • David Guimarães (@skysbsb) (https://www.linkedin.com/in/guimabsb)
  • Kohei Morita (https://twitter.com/mrtc0)
  • Gustavo Santos (https://www.linkedin.com/in/gustavoosantoos/)
  • Shaikh Yaser
  • Anthony Sottile (twitter.com/codewithanthony)
  • Pradip Bhattarai (https://www.linkedin.com/in/prdp | https://www.pradeepbhattarai.me/) [2 flaws]
  • Mohammed Amer Saadoon (0nlymohammed | https://twitter.com/0nlymohammed)
  • Emad Shawky Muhammed (www.linkedin.com/in/emad-shawky-244408152)
  • Niraj Kharel @ Cryptogen Nepal (https://www.linkedin.com/in/nirajkharel)
  • Samprit Das (sampritdas8 | https://www.linkedin.com/in/samprit-das-9805831a2/) [2 flaws]
  • S Rahul (7srambo) (https://www.linkedin.com/in/7srambo/)

2020 Acknowledgements:

  • Pascal Zenker (@parzel2) (https://www.linkedin.com/in/pascal-zenker-608620146/)
  • Artem Zinenko (@ar7z1)
  • Marcell Csiszar (https://csiszarmarcell.hu) (https://hu.linkedin.com/in/marcellcsiszar)
  • Abhijeet Jain (https://twitter.com/seecure963)
  • Sattar Jabbar (Facebook.com/vipexploiter)
  • Tinu Tomy (tinurock007)
  • Carl Henrik Lunde (@chlunde)
  • Pulkit Pandey (@pulkitpandey92)
  • Ai Ho (https://twitter.com/j3ssiejjj)
  • Billy Sheppard (https://twitter.com/GoatSniff)
  • Mohammad Hosein Askari (https://www.linkedin.com/in/mohammadhoseinaskari) [2 flaws]
  • Shivang Trivedi (https://www.linkedin.com/in/shivang-trivedi-a149b2190)
  • Mohamed Abdellatif Jaber (https://www.facebook.com/Mrm0hm3d)
  • Lex Vorona (voronaam)
  • Naveen Kumawat (twitter.com/nvk0x)
  • Pratik Dabhi (https://www.linkedin.com/in/pratikmdabhi/)
  • Himanshu Joshi (https://www.linkedin.com/in/jhimansh/)
  • Wh4t4s3c
  • Sourav Sahana (https://linkedin.com/in/iamsahana)
  • Apoorva Jois (https://www.linkedin.com/in/apoorva-jois-7ab0b0165)
  • Ahmad A Abdulla (https://www.facebook.com/cybershield.team/)
  • Flaviu Popescu - (https://flaviu.io) - [2 flaws]
  • Pardon Mukoyi (@bugspiderlee - https://www.linkedin.com/in/pardon-mukoyi-2964aa187 )
  • Pramod Sargar (https://twitter.com/impramodsargar https://www.linkedin.com/in/impramodsargar/ )
  • Imran Shaikh
  • Pankaj Kumar Thakur (@Nep_1337_1998) and Muskan Upadhaya(www.facebook.com/muskan.upadhaya.90) from Nepal
  • Max Goldfarb (https://linkedin.com/in/mhgoldfarb)
  • Tarek Bouali (@iambouali)
  • Codermak (https://twitter.com/arshadkazmi42)
  • @hexdefined
  • Sherwyn Moodley (@forshish)

2019 Acknowledgements:

  • Tirtha Mandal (https://www.linkedin.com/in/tirtha-mandal-794989b7)
  • Eng. Mohammed Fayadh (https://www.linkedin.com/in/eng-mohammed-alanazi-69593050)
  • Mehrdad Nassiri (https://www.linkedin.com/in/mehrdd) (https://vandaw.com)
  • Rajib Acharyya (https://www.facebook.com/rajibacharyya64)
  • Tyler Hawkins (https://www.linkedin.com/in/tyler-hawkins-149ba2b2/) (https://hawkinsecurity.com/)
  • Kamal Elsayed Hussein (https://www.linkedin.com/in/kamalinux)
  • Abdullah Fares Muhanna (https://www.facebook.com/AbedullahFares)
  • Hamza Errachdi (@hecvs17)
  • Shivam Pandya (shivampandya.com)
  • csanuragjain (https://twitter.com/csanuragjain)
  • Tijo Davis (https://www.linkedin.com/in/tijo-davis-a906a7141 )
  • Anil Tom (Mr.4NK) (https://facebook.com/aniltom.ank)
  • James Kettle (PortSwigger Web Security)
  • Gareth Heyes (PortSwigger) (https://twitter.com/garethheyes)
  • Hoang Quoc Thinh (@g4mm4 of CyberJutsu.IO)
  • Nikhil Sahoo
  • Ipsita Subhadarshan Sahoo
  • Arrch (https://twitter.com/AriefRachmanRh)
  • Mustafa Diaa - ( @c0braBaghdad1 )
  • Ninad Mishra (https://in.linkedin.com/in/ninad-mishra-73b279157)(securityidiot.com)
  • Nikola Kojic (https://ras-it.rs) [2 flaws]
  • Pankaj Kumar Thakur (Nepal)(https://www.linkedin.com/in/pankaj1261)(twitter: @Nep_1337_1998)
  • Ronak Nahar (https://www.linkedin.com/in/naharronak/)
  • Saad Zitouni https://www.linkedin.com/in/saad-zitouni/
  • Daniel Kalinowski(ISEC.pl Research Team)(https://twitter.com/llamaonsecurity)
  • Deba Akrem Fares ( i love you mom ) (www.facebook.com/hungrybits )
  • Gröstl Sec
  • Arsenii Kostromin (0x3c3e)(https://twitter.com/0x3C3E)
  • Mahmoud Osama Ahmed (Twitter: @Mahmoud0x00)
  • Michael Oliver (https://www.linkedin.com/in/thecodeboss/)

2018 Acknowledgements:

  • Gröstl Sec
  • Partha Bishwas (https://www.facebook.com/partha.bishwas)
  • Claudio Moretti
  • Deepanshu kapoor (https://deepanshukapoor.blogspot.com)
  • Bill Ben Haim (https://www.linkedin.com/in/bill-ben-haim-b6775a48/)
  • Kaustubh Padwad (https://twitter.com/s3curityb3ast)
  • Mohamed Sakr (fb.com/mohamed.saker84)
  • Abhishek Sidharth (https://www.facebook.com/ab2op4u)
  • Youssef A. Mohamed (https://GeneralEG.github.io)
  • Mohamed Saker (fb.com/X3rrOR)
  • Wen Bin KONG (@kongwenbin, https://linkedin.com/in/kongwenbin)
  • Andreas Johnsen Skoglund (anderen2) (https://www.linkedin.com/in/andreas-skoglund)
  • vyshnav nk (https://www.linkedin.com/in/vyshnav-vizz-856038119/)
  • James Kettle (PortSwigger Web Security)
  • Faizan Ahmed (https://www.facebook.com/fizan.ahmed.3998 )
  • Jesse Kinser (@securitybites, http://linkedin.com/in/jesse-kinser-71a56110)
  • Faruk Kadir (https://www.linkedin.com/in/farukkadir)
  • Sumit Sahoo (https://www.sumitsahoo.com/)
  • Pravas Ranjan Kanungo (https://www.linkedin.com/in/prkanungo)
  • Hamza Errachdi (@hecvs17)

2017 Acknowledgements:

  • Cody Zacharias (@now)
  • Raad Firas Haddad (@raadfhaddad)
  • Suleman Malik (@sulemanmalik_3)
  • Sumantro Mukherjee (https://www.facebook.com/sumantro.rijndael)
  • Konduru Jashwanth (https://in.linkedin.com/in/kondurujashwanth)
  • Takashi Suzuki (kamikaze.takashi111 [at] gmail.com)
  • Ong Jin Kun (https://scriptkidd1e.wordpress.com)
  • Anton Mihaita Adrian (@adicode32)
  • Georgie Yoxall (https://yoxall.me.uk)
  • Suyog Palav (https://www.linkedin.com/in/suyog-palav & https://www.facebook.com/suyog.palav)
  • Ron Masas (ronmasas.com)
  • Modesto Rodríguez (www.linkedin.com/in/mode-rodriguezb)
  • Anand Bhat (@_anandbhat)
  • Andreas Johnsen Skoglund (https://www.linkedin.com/in/andreas-skoglund-192992106)
  • Anirban Singha (https://www.facebook.com/anirban.dark)
  • Vineet Kumar (https://bughunter.withgoogle.com/profile/80ae25f5-877d-4402-94e8-7902cacdb4b9)
  • Oussama Zgheb (zgheb.com)
  • Li Chaohan Bon (https://www.linkedin.com/in/lichaohan-bon/)
  • Sergius Low Jun Kai (https://www.linkedin.com/in/low-jun-kai-sergius/)
  • Gröstl Sec

2016 Acknowledgements:

  • Tushar Parab (BaPpA m0rYa)
  • Mahmoud El Manzalawy (https://twitter.com/is4curity)
  • Michael Gottburg
  • Hamza Bachikh (alhamdulillah) (@miZo_Rayk)
  • Lawrence Amer
  • José Carlos Expósito Bueno (@0xlabs)
  • Ameer M. Assadi ( @AmeerAssadi, AmeerAssadi.com, fb.com/Amirh4ck )
  • Mustafa Hasan (@strukt93)
  • Cameron Dawe (Spam404, https://twitter.com/spam404online) [2 flaws]
  • Teemu Kääriäinen
  • Nilesh Sapariya (https://www.twitter.com/nilesh_loganx) [2 flaws]
  • Gerardo Venegas(@v0raz)
  • Kenan GÜMÜŞ
  • Yann CAM @ASafety (www.asafety.fr / www.synetis.com)
  • Fernando Muñoz
  • Dhiraj Mishra (@mishradhiraj_)
  • Latish Danawale (Facebook.com/latish.danawale.14)
  • Raed Moussaoui (https://www.linkedin.com/in/raed-moussaoui)
  • Sumit Sahoo - https://www.sumitsahoo.com/
  • Anas Roubi
  • Kacper Szurek - http://security.szurek.pl/
  • Amine Hm (https://www.facebook.com/AMiN3.HM) [3 flaws]
  • Adrian-Daniel Bacanu (Zatarra) (rstforums.com)

2015 Acknowledgements:

  • Adrian-Daniel Bacanu (Zatarra) (rstforums.com)
  • Diaa Diab (@dia2diab) [3 flaws]
  • Prince Rawat - https://twitter.com/_princerawat
  • Sumit Sahoo (54H00) - http://www.facebook.com/54H00 [2 flaws]
  • Fady S. Ghatas ( TiTrias.com )
  • Babar Khan Akhunzada (Security Wall) (www.babarakhunzada.com)
  • Noah Wilcox - (Crater Designs) http://craterdesigns.com
  • Mohamed Khaled Fathy Link (https://www.facebook.com/Sir.MaTrix) [3 flaws]
  • Abd El Rahman Ezzat Mohamed (Facebook.com/hackingdragon121)
  • Ahmed Y. Elmogy (@mogyhacker)
  • Deepali Sarjerao Malekar (https://in.linkedin.com/pub/deepali-malekar/80/361/427)
  • Michał Lubicz-Sienicki (@mlubicz) - https://lubi.cz [4 flaws]
  • Kai Fabian (http://kaifabian.de/)
  • Ayoub Ait Elmokhtar - https://www.facebook.com/abessadek
  • Ahmed Abdalla Fathi (https://www.facebook.com/mr.alexseve)
  • Sachin Wagh (https://in.linkedin.com/pub/sachin-wagh/5/175/95b)
  • Mohamed Khaled (https://twitter.com/Sirmatrixpage)
  • Ala Arfaoui (https://www.facebook.com/alaa.arfaoui)
  • Mohamed Abdelbasset Elnouby - Senior Security Analyst at Seekurity
  • Mahender Singh (https://twitter.com/neohacker1337)
  • Ahmed Adel Abdelfattah (https://www.facebook.com/00SystemError00)
  • SaifAllah benMassaoud (https://www.facebook.com/WhiteHatSecuri)
  • Muhammed Gamal Fahmy (facebook.com/profile.php?id=646694111)
  • Jose Carlos Exposito Bueno (https://www.0xlabs.com/)
  • Mohamed Khaled Fathy Mohamed (Facebook.com/Squnity)
  • Mohit Shukla - @theserverguy (MantraGrid.com)
  • Mahmoud El Manzalawy (https://twitter.com/is4curity)

2014 Acknowledgements:

  • David Hoyt
  • Ajay Singh Negi (@AjaySinghNegi) (computersecuritywithethicalhacking.blogspot.in)
  • Milad Bahari Rad (@milad_bahari)
  • Ali Hasan Ghauri (@alihasanghauri) (AHPT)
  • Ibrahim Raafat (@RaafatSEC) (Q-CERT)
  • Măgheruşan Ovidiu (@RSTforums.com)
  • Adrian-Daniel Bacanu (Zatarra) (rstforums.com)
  • Shahee Mirza (@shaheemirza)
  • Deepanker Chawla (@deepankerchawla) (www.deepanker.in)
  • Prayas Kulshrestha (@prayas_prayas)
  • Simone Memoli (@Simon90_Italy)
  • Behroz Nathwani
  • Ignacio Garrido (www.coresecurity.com) [2 flaws]
  • Osanda Malith Jayathissa (@OsandaMalith)
  • Caesar Manigault (www.keyicam.com)
  • Hamid Ashraf (www.fb.com/hami.hax528)
  • Sangeetha Rajesh S (in.linkedin.com/in/sangeetharajesh)
  • Mazen Gamal Mesbah (@MazenGamal) [3 flaws]
  • Jasminder Pal Singh [Zero-Guy]
  • Adrian-Daniel Bacanu (Zatarra) (rstforums.com)
  • Koutrouss Naddara [@KoutroussNaddar]
  • Babar Khan Akhunzada (Security Wall) (www.babarakhunzada.com)
  • Ilca Lucian [Pwnthecode]

2013 Acknowledgements:

  • Rakan Alotaibi (@hxteam) [2 flaws]
  • Yuji Kosuga
  • Johnathan S. Simon (johnathansimon.com) [2 flaws]
  • Kamil Sevi (@kamilsevi) [4 flaws]
  • M.R.Vignesh Kumar (@vigneshkumarmr)
  • Ajay Singh Negi (@AjaySinghNegi) (computersecuritywithethicalhacking.blogspot.in) [2 flaws]
  • Prajal Kulkarni (www.prajalkulkarni.com)
  • Himanshu Kumar Das (@mehimansu)
  • Atulkumar Hariba Shedage (@atul_shedage) and Ritesh Arunkumar Sarvaiya (@RiteshSarvaiya), (defencely.com)
  • Guifré Ruiz Utgés (@GuifreRuiz)
  • Mohamed Ramadan (Attack-Secure.com)
  • Maxim Rupp
  • Ahmed Mohamed Hassan Aboul-Ela (Starware) [3 flaws]
  • Anand Prakash (@sehacure) (VIT University, India)
  • Tushar Rajhans Kumbhare (defencely.com)
  • Raj Sukali (fb.com/nottyraj) [2 flaws]
  • Abhinav Karnawat (\/ w4rri0r \/) (www.w4rri0r.com)
  • Dmitriy Serebryannikov (@dsrbr) (ptsecurity.com)
  • Malte Batram (@_batram) (batr.am) [2 flaws]
  • Andrey Medov (ptsecurity.com) [5 flaws]
  • Laith AL-Satari (@laith_satari)
  • Ali Hasan Ghauri (@alihasanghauri) (AHPT)
  • Swair Mehta (swairmehta@gmail.com)
  • Mohab Ali (@0xAli) (synapse-labs.com)
  • Ankit Bharathan (lon3ly_hacker)
  • Bharadwaj Machiraju (blog.tunnelshade.in)
  • Emanuel Bronshtein (@e3amn2l)
  • Christian Lopez Martin (@phr0nak)
  • Issam Rabhi (sites.google.com/site/issrabhi) [2 flaws]
  • Wong Chieh Yie (@wcypierrenet)
  • David Hoyt
  • 6Scan (6scan.com)
  • Vikas Chopalli and Naresh Chattala (gitamite.com)
  • Elvin Gentiles (elvinguitar)
  • Roy Castillo (@official_roy) (www.roy-castillo.com) [4 flaws]
  • Rajatkumar Karmarkar
  • Anand Meyyappan (@anandm47)
  • SimranJeet Singh (@TurbanatorSJS)
  • Riaz Ebrahim (www.linkedin.com/pub/riaz-ebrahim-cissp-ceh/3b/347/383)
  • Rishal Dwivedi (@rishaldwivedi) (Bhavan's Vivekananda College) and Manjot Singh (@Manjotsinghg8) (Rimt College Mandi Gobindgarh)
  • Sabari Selvan (www.EHackingNews.com)
  • Adrian-Daniel Bacanu (Zatarra) (rstforums.com) [2 flaws]
  • Tejash Patel (@tejash1991)
  • Shahee Mirza (@shaheemirza)
  • Saurabh Chandrakant Nemade (@SaurabhNemade) (fb.com/saurabh.nemade)
  • Deepankar Arora (@sec403) and Nipun Jaswal (@nipunjaswal) [2 flaws]
  • Daniel-Valentin Tomescu (TheTime) (rstforums.com)
  • Muhammad Ahmed Siddiqui (Nybble Tech) (nybbletech.com)
  • Peter Jaric (@peterjaric) (javahacker.com)
  • Osanda Malith Jayathissa (@OsandaMalith)
  • sahildhar (fb.com/dhar66)
  • Koutrouss Naddara
  • Mahmoud El-Said El-Naggar (Starware)
  • Teguh P. Alko [2 flaws]
  • Rafael Pablos (silverneox.blogspot.com)
  • Narendra Bhati (@NarendraBhatiB) (R00t Sh3ll)
  • Gurjant Singh (@GurjantSadhra) and Mayank Kapoor (hackerdesk.com)
  • Muhammad Talha Khan (fb.com/MTK911)

2012 Acknowledgements:

  • Keita Haga [4 flaws]
  • Maxim Rupp [5 flaws]
  • Nils Jünemann [5 flaws]
  • João Lucas Melo Brasio (White Hat Hackers & DotFive Labs & PUC-Campinas)
  • Mateusz Goik
  • David Vieira-Kurz (MajorSecurity) [2 flaws]
  • David Hoyt [3 flaws]
  • Mario Gomes (@NetFuzzer)
  • Emanuel Bronshtein (@e3amn2l) [2 flaws]
  • Thamatam Deepak (@Mr.47™)
  • Atulkumar Hariba Shedage (@atul_shedage) (defencely.com)
  • Ucha Gobejishvili (საქართველო) [6 flaws]
  • Carlo Soliveres Benedicto (FierceX) (Catanduanes State University)
  • Michael Blake
  • Kamil Sevi (@kamilsevi) [2 flaws]
  • Harsha Vardhan Boppana (Login Security Solutions(P) Limited) and Krutarth Shukla (@krutarthshukla)
  • Dylan S. Hailey (@TibitXimer)
  • Siddhesh Gawde (St. Francis Institute of Technology (SFIT))
  • Ahmad Ashraff (@yappare)
  • Guifré Ruiz Utgés (@GuifreRuiz)
  • Rafay Baloch (RHA)
  • Masato Kinugawa
  • Mohamed Ramadan (Attack-Secure.com) [3 flaws]
  • Johnathan S. Simon (johnathansimon.com)

2011 Acknowledgements:

  • Nils Jünemann [2 flaws]
  • Brendan Coles
  • Maxim Rupp [2 flaws]
  • David Hoyt [3 flaws]
  • Szymon Gruszecki
  • Keita Haga
  • David Guimaraes

Pre-2011 Acknowledgements:

  • Johannes@springenwerk.com

This page lists all acknowledgements since January 1st 2011. Please contact site-security@redhat.com if you reported an issue to us prior to 2011 and would like a public acknowledgement.

Comments

Log in to comment