Skip to content

Latest commit

 

History

History
28 lines (18 loc) · 1.79 KB

SECURITY.md

File metadata and controls

28 lines (18 loc) · 1.79 KB

Security Policy

Reporting a Vulnerability

The KubeRocketCI team takes security issues very seriously. If you believe you have found a security vulnerability in the KubeRocketCI Documentation, we encourage you to let us know as soon as possible. We will investigate all legitimate reports and do our best to quickly fix the problem.

How to Report a Security Vulnerability?

Please report any (suspected) security vulnerabilities to [email protected]. We take security issues seriously and will respond to your report within 48 hours. To assist us in understanding the nature and extent of the issue, please provide as much information as possible, including:

  • Full paths of source file(s) related to the manifestation of the issue
  • The location of the affected documentation content
  • Any special configuration required to reproduce the issue
  • Step-by-step instructions to reproduce the issue
  • Proof-of-concept or exploit code (if possible)
  • Impact of the issue, including how an attacker could exploit the issue

This information will help us to better understand the nature and scope of the potential issue and work on fixing it more efficiently.

Policy

  • Please do not publicly disclose the details of any potential security vulnerabilities without express written consent from us. We want to ensure that our users have time to deploy any fixes and that we have time to address the issue comprehensively before it becomes public knowledge.
  • We aim to resolve security issues within 7 days of their disclosure, depending on the complexity of the issue.
  • Once the issue has been resolved, we will publish a security advisory alongside the documentation update.

Contact Information

For any questions regarding this security policy, please contact us at [email protected].