From f71334a04cf624e6c05ba23afce18bcb2f21d7c3 Mon Sep 17 00:00:00 2001 From: Max Bachmann Date: Tue, 9 Jan 2024 00:03:25 +0100 Subject: [PATCH] Create SECURITY.md --- SECURITY.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..5ad4a63 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,19 @@ +## Reporting Security Issues + +If you believe you have found a security vulnerability in the project, please report it to us through coordinated disclosure. + +**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.** + +Instead, please send an email to oss@maxbachmann.de. + +Please include as much of the information listed below as you can to help us better understand and resolve the issue: + + * The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting) + * Full paths of source file(s) related to the manifestation of the issue + * The location of the affected source code (tag/branch/commit or direct URL) + * Any special configuration required to reproduce the issue + * Step-by-step instructions to reproduce the issue + * Proof-of-concept or exploit code (if possible) + * Impact of the issue, including how an attacker might exploit the issue + +This information will help us triage your report more quickly.