We release patches for security vulnerabilities. Which versions are eligible for receiving such patches depends on the nature of the vulnerability and the availability of the fixes.
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
If you discover a security vulnerability, please report it to us in a responsible manner.
- Do not open an issue describing the vulnerability.
- Contact the maintainers directly at
ren3gadem4rm0t+security [at] proton [dot] me. - Please include the following details in your report:
- Description of the vulnerability.
- Steps to reproduce the vulnerability.
- Impact of the vulnerability.
- Possible mitigations or fixes, if known.
We take all vulnerability reports seriously and will work to address any issues as quickly as possible. After confirming the vulnerability, we will take the following steps:
- Acknowledge the receipt of the report and communicate with you regarding the issue.
- Investigate and confirm the vulnerability.
- Develop and test a fix.
- Release the fix in a timely manner.
- Credit the reporter in the release notes, if they so wish.
We are committed to the security of our project and appreciate your help in keeping it secure.
Thank you for helping to keep cef-parser-go safe and secure for everyone.