Skip to content

Security: hcavarsan/kftray

SECURITY.md

Security Policy

Reporting a Vulnerability

We take the security of our software seriously. If you believe you have found a security vulnerability in KFtray, please report it to us right away. We will investigate all legitimate reports and do our best to quickly fix the problem.

Please follow these steps to report a vulnerability:

  1. Do not report security vulnerabilities through public GitHub issues.
  2. Instead, please send a confidential email to [email protected] with the subject "KFtray SECURITY ISSUE."
  3. Provide detailed steps to reproduce the issue, and if possible, include a proof-of-concept.
  4. Allow us reasonable time to respond to the issue before disclosing it to the public or a third party.
  5. We appreciate your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions.

After you've reported a security issue, you should receive a response within 48 hours, providing an acknowledgment of your report, and we will follow up with a more detailed plan for resolution and public disclosure if warranted.

Public Disclosure Timing

A public disclosure date will be negotiated by you and us, and we prefer that the public disclosure date be at least 90 days after the acknowledgment of the report. We believe

There aren’t any published security advisories