We are currently providing security updates for the following versions:
| Version | Supported |
|---|---|
| 1.0.0 | ✅ |
Other versions of this project are considered out of scope for security issues.
We take the security of Prismo seriously. If you've found a security vulnerability, we appreciate your help in disclosing it to us in a responsible manner.
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report them directly to us via email at Email. We will coordinate the fix and disclosure based on the severity and complexity of the vulnerability.
You should expect a response within 48 hours. If for some reason you do not, please follow up via email to ensure we received your original message.
After the initial reply to your report, our team will keep you informed of the progress towards a fix and full announcement. We may ask for additional information or guidance.
If we confirm the vulnerability, we will:
- Confirm receipt of your vulnerability report
- Work on a fix and release it as soon as it is ready, depending on complexity
- Publicly disclose the issue after the fix has been released
We appreciate your effort and responsible disclosure and will acknowledge your contribution when we disclose the issue.