Skip to content

Security: InseeFrLab/onyxia

Security

SECURITY.md

Security Policy for Onyxia

Supported Versions

We only support the last version of Onyxia

Reporting a Vulnerability

We take the security of Onyxia seriously. If you believe you've found a security vulnerability in Onyxia, we encourage you to let us know right away.

Steps:

  1. Please do not report security vulnerabilities through public GitHub issues.
  2. Instead, send an email to [innovation@insee.fr] with a detailed description of the issue.
  3. Include steps to reproduce, if possible. This will help us resolve any potential vulnerabilities faster.
  4. We will acknowledge receipt of your vulnerability report and will send you regular updates about our progress.

Our Commitment:

  • If you choose to share your contact information, we will acknowledge your report within 24 hours.
  • We will give you an estimate of how long it will take to address the vulnerability.
  • We'll notify you when the vulnerability is fixed.

You can report vulnerabilities anonymously if you wish, but we encourage you to share your contact information so we can reach out if we need additional information.

Disclosure Policy

Once we've assessed a reported vulnerability, we'll make every effort to keep affected users informed and coordinate the disclosure of the vulnerability with you.


Thank you for helping to keep Onyxia and our users safe!

Learn more about advisories related to InseeFrLab/onyxia in the GitHub Advisory Database