We maintain and support the latest version of Sauron at Askrella. Security reports should be based on:
- Latest tagged release
- Latest commit on the main branch
Please note: Vulnerabilities already reported by automated tools (e.g., Dependabot) will not be considered as new reports.
- Email: Send your report to
[email protected] - Include:
- Detailed description of the vulnerability
- Steps to reproduce
- Potential impact
- Version/commit where the vulnerability was found
- Initial Response: Within 2 business days
- Updates: We will keep you informed about the progress
- Resolution: Once fixed, we will notify you and provide the patched version
We follow responsible disclosure practices and kindly request:
- No public disclosure before we've had a chance to address the issue
- No access to or modification of user data while testing
- No disruption to our services
When using Sauron, we recommend:
- Regular updates to the latest version
- Following our documentation for secure configuration
- Implementing proper access controls
Thank you for your cooperation and for helping us keep Sauron secure!