Skip to content

Latest commit

 

History

History
34 lines (22 loc) · 1.14 KB

File metadata and controls

34 lines (22 loc) · 1.14 KB

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in KP Ruck, please report it responsibly through GitHub Security Advisories:

  1. Go to the Security Advisories page
  2. Click "New draft security advisory"
  3. Fill in the details of the vulnerability
  4. Submit the advisory

This ensures the report is private and only visible to repository maintainers until a fix is released.

What to Expect

  • We will acknowledge your report within 48 hours
  • We will provide an estimated timeline for a fix
  • We will notify you when the vulnerability is resolved
  • We will credit you in the release notes (unless you prefer to remain anonymous)

Scope

This policy applies to the latest version of KP Ruck on the main branch.

Out of Scope

  • Vulnerabilities in third-party dependencies (please report these to the respective maintainers)
  • Issues in demo/development environments
  • Social engineering attacks

Please Do Not

  • Open a public GitHub issue for security vulnerabilities
  • Share vulnerability details publicly before a fix is available