We take security very seriously. If you discover a security vulnerability within our project, please follow the guidelines below to report it to us:
-
Do not report security vulnerabilities through public GitHub issues.
-
Email: Send a description of the vulnerability directly to bunta.bit@mail3.me. Please provide as much relevant information as possible to help us understand and triage the issue.
-
Expect a response: We will acknowledge receipt of your vulnerability report and will send you regular updates about our progress. If you don’t receive a response within 48 hours, please resend your email.
-
Please do not disclose the vulnerability to others until we’ve had a chance to address it.
Once we receive a vulnerability report, we will take the following actions:
- Confirm that the vulnerability exists.
- Determine the severity of the vulnerability.
- Work on a fix and release it as soon as it’s ready, ensuring it is properly tested and does not introduce other problems.
- Notify the reporter after the vulnerability has been fixed.
Your effort in reporting the vulnerability is appreciated, and we will acknowledge your contribution after the vulnerability has been fixed and the details made public.