Version | Supported |
---|---|
1.x | ✅ |
If you find a vulnerability in NB Defense, perform the following steps:
- Open an issue in the nbdefense repo. Use
[BUG] Security Vulnerability
as the title and do not include any vulnerability details in the issue description. - Send us an email at
[email protected]
with the following:- The link to the issue you created above.
- Your GitHub handle.
- Details about the vulnerability including:
- A description of what the vulnerability is.
- Evidence of the issue happening or references to the relevant lines of code.
- Instructions to reproduce the issue.
After we have reproduced the issue we will reply to the issue and open a draft security advisory and will discuss the details there.
Once we've released a fix we will use the Security Advisory to announce the findings.