Skip to content

Latest commit

 

History

History
36 lines (22 loc) · 1.22 KB

SECURITY.md

File metadata and controls

36 lines (22 loc) · 1.22 KB

Security Policy

Reporting a Vulnerability

If you think you have identified a security issue with an Encode project, do not open a public issue.

To responsibly report a security issue, please navigate to the Security tab for the repo and click "Report a vulnerability."

Screenshot of repo security tab showing "Report a vulnerability" button

Reporting Guidelines

  • Include a detailed description of the vulnerability.
  • Provide steps to reproduce the issue.
  • Mention any affected versions of the software.
  • Include any possible workarounds or mitigations.

Resolution Process

Upon receiving a vulnerability report, we will:

  1. Acknowledge receipt within 2 days.
  2. Assess the issue and confirm its validity.
  3. Provide updates on the status of the resolution.
  4. Release a fix or workaround as necessary.

Confidentiality Notice

Please do not disclose security vulnerabilities publicly until a fix has been made available. We appreciate your cooperation in keeping the details confidential.

If you can contribute with project in security and vulnerability topics, please use the following docs:

Thank You