Skip to content

Latest commit

 

History

History
12 lines (9 loc) · 900 Bytes

security.md

File metadata and controls

12 lines (9 loc) · 900 Bytes

Reporting Security Vulnerabilities

If you believe you have discovered a security issue within a Directus product or service, please reach out to us directly over email: security@directus.io. We will then open a GitHub Security Advisory for tracking the fix.

Directus values the members of the independent security research community who find security vulnerabilities and work with our team so that proper fixes can be issued to users. Our policy is to credit all researchers in the fix's release notes. In order to receive credit, security researchers must follow responsible disclosure practices, including:

  • They do not publish the vulnerability prior to the Directus team releasing a fix for it
  • They do not divulge exact details of the issue, for example, through exploits or proof-of-concepts