Skip to content

Security: getmykhan/vxdb

Security

SECURITY.md

Security Policy

Supported Versions

vxdb is pre-1.0. Security fixes are applied to the latest released version on PyPI. We recommend always running the most recent 0.x release.

Version Supported
0.1.x
< 0.1

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues.

Instead, report them privately using one of the following:

  1. GitHub Security Advisories (preferred) — open a private report at Security → Report a vulnerability.

Please include as much of the following as you can:

  • A description of the vulnerability and its impact.
  • Steps to reproduce, or a proof-of-concept.
  • Affected version(s) and platform (OS, Python version).
  • Any suggested remediation, if known.

What to Expect

  • Acknowledgement within 72 hours.
  • An initial assessment and severity classification within 7 days.
  • Coordinated disclosure: we will work with you on a fix and a public advisory, and credit you (unless you prefer to remain anonymous).

Thank you for helping keep vxdb and its users safe.

There aren't any published security advisories