Skip to content

Latest commit

 

History

History
35 lines (23 loc) · 1.56 KB

SECURITY.md

File metadata and controls

35 lines (23 loc) · 1.56 KB

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in this project, please report it to us by sending an email to tovis.zsolt@gmail.com. We will do our best to promptly address the issue.

Responsible Disclosure

We value the work of the security community and encourage responsible disclosure of vulnerabilities. If you are unsure if a behavior is a security vulnerability, please send an email to tovis.zsolt@gmail.com explaining the suspected issue. We will work with you to determine if the behavior is a security vulnerability and will provide guidance on how to proceed.

Vulnerability Disclosure Timeline

We will do our best to follow the following timeline when addressing reported vulnerabilities:

  • Within 1 business day of receiving the report, we will send an acknowledgement email to the reporter acknowledging receipt of the report.
  • Within 2 business days of receiving the report, we will determine the severity of the report and assign a priority level to the report.
  • Within 1 week of receiving the report, we will either:
    • Issue a patch and send a notification email to the reporter indicating that the vulnerability has been fixed.
    • Provide a detailed response to the reporter explaining why the behavior does not qualify as a vulnerability.

Acknowledgements

We would like to thank the following individuals for responsibly disclosing vulnerabilities:

Zsolt Tövis

Contact

For any questions or concerns about our security policy, please contact us at tovis.zsolt@gmail.com.