LibSimprints is a very thin wrapper around Android intents, so we only support a few versions which historically has not been an issue. However if you discover a vulnerability in an older version and you are unable to update to a supported version please still let us know so we can see if we can support you.
| Version | Supported |
|---|---|
| 2021.3.x | ✅ |
| 2021.2.x | ✅ |
| 2021.1.x | ✅ |
| < 2021.1.x | ❌ |
Simprints is an advocate of responsible vulnerability disclosure. If you’ve found a vulnerability, we would like to know so we can fix it. To report a vulnerability please contact us as at security@simprints.com.
When reporting a vulnerability to us, please include:
- a brief description of the vulnerability
- details of the steps we need to take to reproduce the vulnerability
- non-destructive exploitation details
If you are able to, please also include:
- the type of vulnerability, for example, the OWASP category
- screenshots or logs showing the exploitation of the vulnerability
If you are not sure if the vulnerability is genuine and exploitable, or you have found:
- a non-exploitable vulnerability
- something you think could be improved - for example, outdated dependencies
- configuration weaknesses - for imporperly exposed data or endpoints
Then you can still reach out via email.
Unfortunately, Simprints doesn't offer a paid bug bounty programme. Simprints will make efforts to show appreciation to people who take the time and effort to disclose vulnerabilities responsibly.