Skip to content

Security: ZephyrusFoundation/.github

SECURITY.md

Security Policy

Reporting a Vulnerability

At Zephyrus Foundation, we take the security of our systems seriously. If you discover a security vulnerability in any of our projects, please help us responsibly disclose the issue.

How to Report

Please report security vulnerabilities directly to us via the following email:

[email protected]

Your report should include:

  • A detailed description of the vulnerability.
  • Steps to reproduce the issue.
  • Any potential impacts or consequences.
  • If possible, a proof of concept (PoC) to demonstrate the vulnerability.

Please DO NOT create public issues on GitHub for security vulnerabilities, as this could expose the vulnerability to others before it is fixed.

Response Time

  • We aim to acknowledge receipt of the report within 48 hours.
  • A fix will be prioritized and released as soon as possible, depending on the severity of the vulnerability.
  • We will keep you updated on the status of the issue and notify you when it is resolved.

Scope

This security policy covers the following repositories:

General Guidelines

  • If you are unsure whether an issue is security-related, err on the side of caution and report it via the security email.
  • We ask that you give us reasonable time to fix any vulnerabilities before publicly disclosing the issue.
  • We encourage you to check for and report any third-party libraries or dependencies that may also be vulnerable.

Security Updates

We recommend that users regularly update their versions of our software to the latest stable releases, as these often include important security updates.

Thanks

We appreciate the effort of all contributors and security researchers who take the time to help keep our projects safe.

There aren’t any published security advisories