cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
zitadel-oidc/SECURITY.md
Florian Forster f73b1b2d7a
minor text changes
2019-11-15 15:07:36 +01:00

1.2 KiB
Raw Blame History

Security Policy

At @caos we are extremely grateful for security aware people that disclose vulnerabilities to us and the Open Source Community. All reports are thoroughly investigated by our engineering team.

Supported Versions

After the initial Release the following version support will aplly

Version Supported
1.x.x (note yet available)
0.x.x

Reporting a vulnerability

To file a incident, please disclose by email to security@caos.ch a list with the security details.

At the moment GPG encryption is no yet supported, however you may sign your message at will.

### When should I report a vulnerability?

  • You think you discovered a ...
    • ... potential security vulnerability in the SDK
    • ... vulnerability in another project that this SDK bases on
  • For projects with their own vulnerability reporting and disclosure process, please report it directly there

When should I NOT report a vulnerability?

  • You need help applying security related updates
  • Your issue is not security related

Security Vulnerability Response

Public Disclosure Timing