Skip to content

Security: DisyInformationssysteme/artifacthub

Security

SECURITY.md

Security policy

Reporting a vulnerability

To report a security problem in Artifact Hub, please contact the Maintainers Team at [email protected].

Remediation and Notification Process

The maintainers will evaluate the report to verify the security issue. If the issue does not have a security impact, the report and follow-up will move to GitHub issues. If a security issue exists, the maintainers use the following process:

  1. Create a new draft advisory via GitHub Security Advisories
  2. Request a CVE identification number
  3. Collaborate on a private fork, part of the GitHub Security Advisory system, to fix the issue.
  4. Once a solution is ready, the CVE will be finalized and published, the change will be merged, and there will be a new release of Artifact Hub including the security fix.

There aren’t any published security advisories