Skip to content

Security: shaunakw/HackGT2023

Security

SECURITY.md

Security Policy

Supported Versions

Currently, only the following versions of our project are being actively supported with security updates:

Version Supported
5.1.x
5.0.x
4.0.x
< 4.0

If you're using an unsupported version, we recommend upgrading to the latest supported version to ensure you receive all security updates.

Reporting a Vulnerability

We take security issues very seriously. If you believe you've found a security vulnerability in our project, we encourage you to notify us. We will investigate all legitimate reports and do our best to quickly fix the problem.

Guidelines:

  1. Private Disclosure: Please keep the details of any vulnerabilities you discover private until they've been addressed by our team. This will help ensure that malicious actors do not take advantage of the issue before we can address it.

  2. Provide Details: Offer as much information as possible, including a description of the vulnerability, its potential impact, and steps for reproduction. This will aid our team in understanding and addressing the issue more rapidly.

  3. Communication: After submitting a report, you can expect to hear back from our team within 48 hours. We'll keep you updated on the status of the fix and provide an estimated timeline for resolution.

  4. Responsible Disclosure: If we confirm the vulnerability, we ask that you allow us adequate time to address the issue before publicly disclosing it.

How to Report:

Send an email to our dedicated security team at [email protected]. (Replace example.com with your actual domain.)

What's Next:

Upon receiving a vulnerability report, our security team will:

  1. Confirm receipt of the report.
  2. Investigate the reported issue.
  3. Take appropriate action to address the vulnerability.
  4. Notify the reporter about the status of the vulnerability, whether it's accepted, declined, or requires more info.

Thank you for helping us ensure the safety and security of our project and its users!

There aren’t any published security advisories