mirror of
https://github.com/foss42/apidash.git
synced 2025-12-02 02:39:19 +08:00
27 lines
1.4 KiB
Markdown
27 lines
1.4 KiB
Markdown
# Security Policy
|
|
|
|
This document describes the management of vulnerabilities for API Dash project & the Dart/Flutter packages in the repository.
|
|
|
|
## Preferred Languages
|
|
|
|
We prefer all communications to be in English.
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
**Please do not report security vulnerabilities through public GitHub issues.**
|
|
|
|
Individuals who find potential vulnerabilities in API Dash and Dart/Flutter packages in the API Dash repository are invited to [open a draft security advisory](https://github.com/foss42/apidash/security/advisories/new) for discussion and collaboration on the fix.
|
|
|
|
Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
|
|
- Type of issue (e.g. buffer overflow, poisoned dependency, cross-site scripting, etc.)
|
|
- Full paths of source file(s) related to the manifestation of the issue
|
|
- The location of the affected source code (tag/branch/commit or direct URL)
|
|
- Any special configuration required to reproduce the issue
|
|
- Step-by-step instructions to reproduce the issue
|
|
- Proof-of-concept or exploit code (if possible)
|
|
- Impact of the issue, including how an attacker might exploit the issue
|
|
|
|
This information will help us triage your report more quickly.
|
|
|
|
Our team will positivey respond to any reported vulnerability and take swift action to resolve it.
|