Files
gotenberg/SECURITY.md
T

1018 B

Security Policy

Supported Versions

Only the latest version of Gotenberg receives security updates and patches. Keep your environment up to date.

Reporting a Vulnerability

If you discover a security vulnerability, do not publish it publicly. Send details via email to neuhart [dot] julien [at] gmail [dot] com with the subject indicating a Gotenberg security vulnerability report.

Include:

  • A detailed description of the vulnerability.
  • Steps to reproduce the issue.
  • Any potential impact on users or the system.

This process is handled on a 'best-effort' basis. Response speed may vary depending on severity and available resources.

Disclosure Policy

Once a vulnerability report is received and confirmed:

  • A fix and release timeline will be prepared.
  • You will be notified when the fix is released.
  • You will be credited for the discovery (unless you request anonymity).

Comments on this Policy

If you have suggestions on how this process could be improved, submit a pull request.