Global

Responsible Disclosure Statement

BASF investigates all reports of security vulnerabilities affecting BASF web presence. If you are a security researcher and believe you have found a security vulnerability, please send an e-mail to us at BASF Responsible Disclosure.

Our guidelines

  • Give us enough details to reproduce the vulnerability
  • Allow us a reasonable amount of time to fix the vulnerability before making any information public
  • Avoid data deletion, unauthorized data access, and service disruption while testing the vulnerability you found
  • Do not ask for compensation for your report
     

Our commitment

  • We will let you know we got your report
  • We will give you an estimate of how long the fix will take
  • We will tell you when we have fixed the vulnerability
     

Our thanks

If your vulnerability report is valid and you would like to be recognized for your contribution, we will gladly add you to our “Heroes of BASF” list, by name or anonymously. We will only add you to our “Heroes of BASF” list, if this is explicitly requested by you.

 

Heroes of BASF

The following researchers have helped us identify and fix vulnerabilities. Thanks to all!

2021

Kunal Karnik

Felipe Gabriel Renzi

Ramesh Kumar Sekar LinkedIn

hoggervr (South Africa) LinkedIn

Aman Kumar LinkedIn

Ravi Kishor @DrAppSec

Kushagra Sarathe

Muhammad Julfikar Hyder @thejulfikar

Kiran Battaluri

Guillermo Gregorio LinkedIn

Mik

Sagar Yadav @sagaryadav8742

Alan Abhilash @alan_abhilash

Mohit Khemchandani

snak3 @_snak3

Aswin Krishna @733n_wolf

Gaurav Popalghat @N008x

Pranshu Tiwari LinkedIn

Ravi Teja

Soma Harish Reddy Mannem 

Abdelrahman Khaled @AbdoKha34396133

Ansan Binoy

Prathamesh Surekha Prakash Pawar

Vijay Farswan @Veloc

Vikas Yadav @mrrobot1o1

Jan Hoersch (Secure Systems Engineering)

Carsten Sandker (Secure Systems Engineering)

Abhinav Sharma @Dtattoedhackers

Nasur Ullah @Spy0x01

Yehonatan Shachor

Rahul Varale LinkedIn

2020

Florian Kunushevci

Shail Shah

Kamran Saifullah

Avishek Nayal

Gopi Akkalaneni

Mehedi Hasan Remon

Roy Mustang

Gul Hameed

Ahmed Hegazy

Marc Seguin

Aditya Thebe

Naveen Kumawat

Fawaz Masood Qureshi LinkedIn

Raveen. G @kill__3r

Elwin Shaji @elwin_shaji

Ai Ho @j3ssiejjj

Foysal Ahmed Fahim @foysal1197

Kasper Karlsson

Sanem Sudheendra LinkedIn

Ritik Chaddha @RitikChaddha

Patrick Lang LinkedIn

Indira Sabeesh

SecuNinja secu.ninja

Vedant Shinde

Yunus Aydin @aydinnyunuss

Mohd Waseyuddin @waseyuddin

Pardon Mukoy LinkedIn

Husain Murabbi LinkedIn

Mansoor Rangwala LinkedIn

Abdullah Khawaja @hax_3xploit

Gal Nagli

Abhijeet Sarkar
Agung Saputra
Agung Saputra Ch Lages
Deep Yadav
G Sri Tharun Reddy
Khizar Ul Haq
Hamza Shahid
lalka1337
Lalka

Mohammad Berro
Mustafa Diaa 
Ratnadip Gajbhiye 
Rituraj Vishwakarma
Sachin Sharma 
Shivam Pandey
Sumit Grover @sumgr0
Ubaid Ahmed 
Utkarsh Agrawal

Vishnu
Vismit Rakhecha

Abhishek Misal

Adity Jadhav

Aditya Jadhav

Akash Labade

Akash Mondal

Amal Mohandas

Ankit Singh

Ashish Kunwar

Danish Tariq

Florian Zyprian

Jayesh Patel

Jose Carlos Exposito Bueno

Juba Baghdad

Mahesh Raykar

Mehul Patil

Mitesh Patil

Muhammad Qasim Munir

Murtada Kamil

Pratik Raut

Saynam Chawla

Shivam Kamboj

Shubham Maheshwari

Sourav Newatia

Vineet Kumar

Yeasir Arafat

Djaber Djoukhrab

Please note: In sharing information with us, you agree that the information will be considered as non-proprietary and non-confidential and that we are allowed to use the information in any manner, in whole or in part, without any restriction. Sharing information with us does not constitute any rights for you or any obligation for us.

Please do not share any personal information with us. Any personal information shared with us will be processed and used in accordance with the applicable data protection regulation; however, BASF will not store any personal information about you unless you provide them to us. By requesting to be added to our “Heroes of BASF” list, you explicitly consent in the publication, use and processing of your name.