Skip to content

Security: zulldevv/ave

Security

SECURITY.md

Ave CDN Security Policy

Reporting a Vulnerability

At Ave CDN, we take security vulnerabilities seriously and appreciate your help in responsibly disclosing any issues you may find. If you discover a security vulnerability, please follow these steps to report it:

  1. Privately disclose the vulnerability: Please do not create public GitHub issues for security vulnerabilities. Instead, email us at zuuliziluuz@gmail.com with details about the vulnerability.

  2. Include relevant information: In your email, provide a detailed description of the vulnerability, including steps to reproduce it and any potential impact it may have.

  3. Encryption: If possible, encrypt your email using our PGP public key to ensure the confidentiality of sensitive information. You can find our PGP public key here.

  4. Response: We will acknowledge receipt of your email within 24 hours and work with you to assess and address the reported vulnerability. We'll keep you informed of our progress throughout the process.

Responsible Disclosure Guidelines

When reporting security vulnerabilities, please adhere to the following guidelines:

  • Provide detailed information: Include a clear description of the vulnerability, including steps to reproduce it and any potential impact it may have.

  • Respect user privacy: Do not access or modify user data without explicit permission, and do not perform any actions that could harm the integrity or availability of our services.

  • Act in good faith: Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our services.

  • Do not disclose publicly: Please do not disclose the vulnerability publicly until we have had an opportunity to assess and address it.

  • Follow our responsible disclosure process: Please follow the reporting process outlined above to ensure that vulnerabilities are addressed promptly and responsibly.

Legal Safe Harbor

Ave CDN respects the efforts of security researchers in identifying and disclosing security vulnerabilities. We will not take legal action against individuals who discover and report security vulnerabilities in accordance with our responsible disclosure guidelines.

By participating in our responsible disclosure process and adhering to our guidelines, you are protected under Ave CDN's legal safe harbor.

Thank you for helping to keep Ave CDN safe and secure for our users!

There aren’t any published security advisories