Skip to content

Security: Ya-wenWu/SecsGemLab

.github/SECURITY.md

Security Policy

Supported Versions

Only the latest major release receives security patches.

Reporting a Vulnerability

Report vulnerabilities privately by opening a GitHub Issue with [SECURITY] prefix. Do not file public issues for active vulnerabilities.

Response Commitment

  • 48h: Acknowledgment
  • 7 days: Initial triage
  • 30 days: Fix or mitigation

Disclosure

We follow coordinated disclosure. Patches are published with a CVE identifier and advisory in the release notes.

There aren't any published security advisories