Skip to content

Latest commit

 

History

History
42 lines (26 loc) · 2.36 KB

SECURITY.md

File metadata and controls

42 lines (26 loc) · 2.36 KB

Security Policy

Reporting a Vulnerability

We take the security of egyscan seriously. If you discover any security-related issues or vulnerabilities, we encourage you to disclose them to us responsibly. We appreciate your cooperation and will work with you to address any valid concerns.

To report a security vulnerability, please email us at [email protected]. If possible, encrypt your message using our PGP key to prevent the information from being intercepted.

Public disclosure of security vulnerabilities before they have been addressed is strongly discouraged, and we request that you allow us adequate time to investigate and mitigate the issue before making any information public.

When reporting a security vulnerability, please provide the following information:

  • Description of the vulnerability, including steps to reproduce it.
  • Version of egyscan in which the vulnerability is present.
  • Any other relevant details that may help in understanding and reproducing the issue.

Responsible Disclosure

We believe in responsible disclosure and will make every effort to acknowledge your report and keep you informed throughout the process. Once we receive your vulnerability report, we will:

  • Confirm that we have received your report within [15] days.
  • Begin investigating the issue, assigning it an initial severity level.
  • Work with you to reproduce and understand the vulnerability, if needed.
  • Develop and implement a fix for the vulnerability.
  • Provide you with a timeline for when the fix is expected to be released.

Security Updates and Fixes

Security fixes will be addressed in a timely manner and included in the next release after they have been thoroughly tested and confirmed.

Vulnerability Severity Classification

The severity of reported vulnerabilities will be classified using the following scale:

  • Critical: Vulnerabilities that could lead to system compromise, data breach, or unauthorized access.
  • High: Significant vulnerabilities that could result in a system breach or unauthorized access.
  • Medium: Moderate vulnerabilities that could potentially impact system integrity or confidentiality.
  • Low: Minor vulnerabilities with limited potential for harm.

Security Contact

For security-related inquiries or to report a vulnerability, please contact us at [email protected].