Skip to content

Security: cryxnet/crawnet

SECURITY.md

Security Policy

This document outlines the security policy for this repository and provides guidance on how to report security vulnerabilities.

Reporting a Vulnerability

If you discover a security vulnerability, please report it by sending an email to cryxnet@proton.me. Please include the following details in your report:

  • A brief description of the vulnerability
  • Steps to reproduce the vulnerability
  • Potential impact of the vulnerability
  • Any additional information that may be helpful in addressing the vulnerability

Scope

This security policy applies to all aspects of this repository, including but not limited to:

  • Source code
  • Documentation
  • Issues
  • Pull requests
  • Dependencies
  • Infrastructure

Response

Upon receiving a security vulnerability report, we will strive to respond in a timely manner and keep the reporter informed of our progress towards a resolution.

We will investigate the vulnerability and determine its severity and impact. Depending on the severity of the vulnerability, we will take appropriate action to address it, which may include:

  • Developing a fix and releasing a patch
  • Disabling the affected functionality
  • Providing mitigations or workarounds
  • Communicating with users about the vulnerability

Disclosure

We will disclose security vulnerabilities and our response to them in a responsible and timely manner, in accordance with industry best practices. We may include security advisories in our release notes or on our website, and we may also notify affected users directly if necessary.

Acknowledgments

We appreciate the efforts of security researchers and others who help us maintain the security of this repository. We will acknowledge security vulnerability reports and credit reporters as appropriate, unless anonymity is requested.

There's no bounty reward

There aren’t any published security advisories