You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please contact timo.pagel@owasp.org in case you detect a vulnerability or flaw with severity high or critical in the application.
2
-
In all other cases, please create an issue.
1
+
# Responsible disclosure policy
2
+
3
+
## Introduction
4
+
5
+
We take security very seriously.
6
+
We welcome any review of the latest release of all our open source code to ensure that these components can not be compromised.
7
+
In case you identified a security related issue with severity of _low_ to _medium_, please create a GitHub issue.
8
+
9
+
10
+
## Security related bugs with severity _high_ or _critical_
11
+
12
+
In case you identified a security related issue with severity of _high_ or _critical_, please disclose information about the issue non public via email to `timo.pagel@owasp.org`.
13
+
14
+
We encourage researchers to include a Proof-of-Concept, supported by screenshots or videos.
15
+
For each given security related issue with severity _high_ or _critical_ (based on SDA SE own assessment), we will respond within one week.
16
+
17
+
18
+
# Supported versions and update policy
19
+
20
+
Please be aware that only the most recent version will be subject of security patches.
21
+
22
+
# Known security gaps and future enhancements
23
+
24
+
There is no format in commits to identify security related fixes and it is not planned yet.
0 commit comments