vxdb is pre-1.0. Security fixes are applied to the latest released version on
PyPI. We recommend always running the most recent 0.x release.
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
| < 0.1 | ❌ |
Please do not report security vulnerabilities through public GitHub issues.
Instead, report them privately using one of the following:
- GitHub Security Advisories (preferred) — open a private report at Security → Report a vulnerability.
Please include as much of the following as you can:
- A description of the vulnerability and its impact.
- Steps to reproduce, or a proof-of-concept.
- Affected version(s) and platform (OS, Python version).
- Any suggested remediation, if known.
- Acknowledgement within 72 hours.
- An initial assessment and severity classification within 7 days.
- Coordinated disclosure: we will work with you on a fix and a public advisory, and credit you (unless you prefer to remain anonymous).
Thank you for helping keep vxdb and its users safe.