We release patches for security vulnerabilities in the following versions:
| Version | Supported |
|---|---|
| x.y.z | ✅ |
| a.b.c | ❌ |
| d.e.f | ❌ |
If you discover a security vulnerability, please follow the steps below:
- Do not disclose the vulnerability publicly. Instead, please report it to us directly.
- Contact us via email: Send the details of the vulnerability to security@cloudflavor.io. Include the following information:
- A description of the vulnerability
- Steps to reproduce the vulnerability
- Potential impact
- Any suggested mitigation or remediation steps
We take all reports seriously and will investigate the issue as soon as possible. You can expect a response within 48 hours, and we will keep you informed about the progress of our investigation and any measures we take to address the issue.
Once a vulnerability is reported:
- We will confirm the receipt of the report within 48 hours.
- Our security team will investigate the issue and determine the impact and severity.
- We will work on a fix for the issue and prepare a patch release.
- We will notify you when the fix is available and thank you for your responsible disclosure.
We recommend that all users regularly update to the latest version of the software to benefit from security updates and patches.
We thank all individuals and organizations that have responsibly disclosed vulnerabilities and contributed to the security of our software.
If you have any further questions about our security policies or need additional information, please contact us at security@cloudflavor.io.
Thank you for helping us keep our project secure!