mirror of
https://github.com/bunkerity/bunkerized-nginx
synced 2023-12-13 21:30:18 +01:00
security - add security policy
This commit is contained in:
parent
94bef079a8
commit
b2cfc15c2a
1 changed files with 17 additions and 0 deletions
17
SECURITY.md
Normal file
17
SECURITY.md
Normal file
|
@ -0,0 +1,17 @@
|
|||
# Security policy
|
||||
|
||||
Even though this project is focused on security, it is still prone to possible vulnerabilities. We consider every security bug as a serious issue and will try our best to address it.
|
||||
|
||||
## Responsible disclosure
|
||||
|
||||
If you have found a security bug, please send us an email at security \[@\] bunkerity.com with technical details so we can resolve it as soon as possible.
|
||||
|
||||
Here is a non-exhaustive list of issues we consider as high risk :
|
||||
- Vulnerability in the core
|
||||
- Bypass of a security feature
|
||||
- Vulnerability in a third-party dependency
|
||||
- Risk in the supply chain
|
||||
|
||||
## Bounty
|
||||
|
||||
To encourage responsible disclosure, we may reward you with a bounty at the sole discretion of the maintainers.
|
Loading…
Reference in a new issue