Skip to content

Latest commit

 

History

History
29 lines (17 loc) · 1.41 KB

SECURITY.md

File metadata and controls

29 lines (17 loc) · 1.41 KB

Security Policy

Supported Versions

We release patches for security vulnerabilities. Which versions are eligible for receiving such patches depends on the CVSS v3.0 Rating:

Version Supported
1.5.x
1.4.x
< 1.4.0

Reporting Security Issues

Please do not report security vulnerabilities through public GitHub issues.

If you discover a security issue, please report it by sending an email to [email protected]

This will allow us to assess the risk and make a fix available before we add a bug report to the GitHub repository.

Compensation Policy

As a policy, we do not provide financial compensation for reporting security vulnerabilities. Our bug bounty program is designed to acknowledge the efforts of security researchers and community members who assist us in maintaining the highest standards of security without monetary rewards. We believe in fostering a cooperative environment where the security community can contribute to the safety and integrity of our software because they are committed to a safer internet.

Acknowledgments

Contributors who report security issues will be acknowledged in our public releases if they choose to be named. We appreciate the collaborative effort to secure our software and thank all individuals who report vulnerabilities responsibly.

Thanks!