mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 17:40:50 +02:00
Merge pull request #10284 from ColtonWilley/security_policy_and_report_template
Publish wolfSSL Security Policy and Vulnerability Report Template
This commit is contained in:
+6
-5
@@ -2,11 +2,12 @@
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
If you discover a vulnerability, please report it to support@wolfssl.com
|
||||
**Use of the wolfSSL Vulnerability Report Template is mandatory.** All security reports must use [`SECURITY-REPORT-TEMPLATE.md`](../SECURITY-REPORT-TEMPLATE.md), with every required field completed. Reports that do not use the template, or that leave required fields incomplete, will not receive CVE consideration.
|
||||
|
||||
1. Include a detailed description
|
||||
2. Include method to reproduce and/or method of discovery
|
||||
3. We will evaluate the report promptly and respond to you with findings.
|
||||
4. We will credit you with the report if you would like.
|
||||
Submit the completed template to **support@wolfssl.com**.
|
||||
|
||||
Non-template submissions may still be reviewed on the merits and, where appropriate, addressed as hardening fixes in a future release.
|
||||
|
||||
**Please keep the vulnerability private** until a fix has been released.
|
||||
|
||||
For the full policy — severity rubric, coordinated-disclosure practice, and reporter credit — see [`SECURITY-POLICY.md`](../SECURITY-POLICY.md).
|
||||
|
||||
Reference in New Issue
Block a user