| Version | Supported |
|---|---|
| 1.3.x | ✅ Active support |
| 1.2.x | ✅ Security fixes |
| < 1.2 | ❌ No support |
We take security seriously at AutoML Studio Pro. If you discover a security vulnerability, please follow responsible disclosure practices.
Email: himanshu231204@gmail.com
Subject: [SECURITY] AutoML Studio Pro - Vulnerability Report
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact assessment
- Suggested fix (if any)
- Your contact information for follow-up
| Stage | Timeframe |
|---|---|
| Acknowledgment | Within 48 hours |
| Initial Assessment | Within 1 week |
| Fix Development | 2-4 weeks (depending on severity) |
| Public Disclosure | After fix is released |
| Level | Description | Response Time |
|---|---|---|
| 🔴 Critical | Remote code execution, data breach | 24-48 hours |
| 🟠 High | Privilege escalation, significant data exposure | 1 week |
| 🟡 Medium | Limited data exposure, requires specific conditions | 2 weeks |
| 🟢 Low | Minor issues, best practice violations | 1 month |
- Keep Updated: Always use the latest version
- Secure Environment: Run in isolated environments
- Data Privacy: Don't upload sensitive data to demo instances
- Model Security: Protect exported models from unauthorized access
- Input Validation: Always validate user inputs
- Dependency Scanning: Use
safetyto check for vulnerable packages - Code Review: All changes require review before merge
- Secrets Management: Never commit credentials or API keys
- ✅ XSRF protection enabled
- ✅ Input sanitization for CSV uploads
- ✅ Model validation before loading
- ✅ Secure file handling
- ✅ Dependency vulnerability scanning in CI
- Uploaded files are processed in memory
- No data is stored permanently on servers
- Model artifacts are user-controlled
- Session data is cleared on browser close
We use automated tools to monitor dependencies:
- Safety: Scans for known vulnerabilities
- Dependabot: Automated dependency updates
- GitHub Security Advisories: Monitored for new vulnerabilities
For security-related inquiries:
- Email: himanshu231204@gmail.com
- GitHub Security: Create a security advisory
Last Updated: March 2026