mirror of
https://github.com/gotenberg/gotenberg.git
synced 2026-07-02 00:17:40 +08:00
1018 B
1018 B
Security Policy
Supported Versions
Only the latest version of Gotenberg receives security updates and patches. Keep your environment up to date.
Reporting a Vulnerability
If you discover a security vulnerability, do not publish it publicly. Send details via email to neuhart [dot] julien [at] gmail [dot] com with the subject indicating a Gotenberg security vulnerability report.
Include:
- A detailed description of the vulnerability.
- Steps to reproduce the issue.
- Any potential impact on users or the system.
This process is handled on a 'best-effort' basis. Response speed may vary depending on severity and available resources.
Disclosure Policy
Once a vulnerability report is received and confirmed:
- A fix and release timeline will be prepared.
- You will be notified when the fix is released.
- You will be credited for the discovery (unless you request anonymity).
Comments on this Policy
If you have suggestions on how this process could be improved, submit a pull request.