Skip to content

Latest commit

 

History

History
44 lines (23 loc) · 2.2 KB

SECURITY.md

File metadata and controls

44 lines (23 loc) · 2.2 KB

Security Policy

Reporting Security Vulnerabilities

We take the security of this project seriously. If you discover any security vulnerabilities, please report them to our team. We appreciate your efforts in responsibly disclosing the issue and helping us ensure the security and integrity of our project.

To report a security vulnerability, please follow these steps:

  1. Option 1: Email - Send an email to [email protected] with the subject line "Security Vulnerability Report".

  2. Option 2: Issue Tracker - Submit a new issue with the "Security Vulnerability" label in our GitHub issue tracker.

When reporting security vulnerabilities, please provide as much information as possible, including:

  • A brief description of the vulnerability and its potential impact.
  • Steps to reproduce the vulnerability.
  • Versions affected by the vulnerability.

Handling of Vulnerability Reports

Upon receiving a vulnerability report, we will:

  1. Acknowledge the receipt of the report within 3 business days.

  2. Validate and investigate the reported vulnerability.

  3. Work on fixing the vulnerability and releasing an appropriate patch.

  4. Maintain communication with the reporter to provide updates on the progress and resolution of the vulnerability.

Responsible Disclosure

We request that you do not disclose any details of the vulnerability publicly until we have had an opportunity to address it. Once we have addressed the reported vulnerability, we encourage responsible disclosure, and we will attribute the reporter in the release notes or security advisory, if desired.

Scope

This security policy applies to the latest version of our project. If you are using an older version, please consider upgrading to the latest release to benefit from the most recent security enhancements.

Disclaimer

We reserve the right to determine the severity and validity of reported vulnerabilities, as well as the course of action taken in response to any reports. We appreciate your cooperation and adherence to responsible disclosure practices.

Thank you for your assistance in making our project more secure.