Skip to content

Security: ls1intum/Hephaestus

Security

SECURITY.md

Security Policy

Supported Versions

At this time, there are no officially supported versions of this project for security updates. We are actively developing and improving the project. Please check back later for updates on supported versions.

Reporting a Vulnerability

We take the security of our project seriously. If you discover a vulnerability, please follow the steps below to report it:

  1. Contact Information: Send an email to [[email protected]] with the subject line "Security Vulnerability Report".

  2. Details to Include:

    • A description of the vulnerability.
    • Steps to reproduce the vulnerability.
    • Potential impact of the vulnerability.
    • Any available patches or suggestions for fixing the issue.
  3. Response Time:

    • You can expect an initial acknowledgment of your report within 48 hours.
    • We will provide regular updates on the status of your report as we investigate and address the issue.
  4. Handling of the Vulnerability:

    • If the vulnerability is confirmed, we will work to release a patch as soon as possible.
    • You will be credited for your discovery if you wish, or you can remain anonymous.
    • If the report is declined, we will provide a detailed explanation as to why it does not meet the criteria for a security vulnerability.
  5. Confidentiality:

    • Please do not disclose the vulnerability publicly until we have had an opportunity to address it.

Thank you for helping us keep our project safe and secure!

There aren’t any published security advisories