Skip to content

Security: ls1intum/hestia

Security

SECURITY.md

Security Policy

Supported Versions

Currently, this repository is a research prototype. Security updates are applied to the main branch on a best-effort basis.

Reporting a Vulnerability

If you discover a security vulnerability within Hestia, please DO NOT open a public issue. Instead, please email the project maintainers or the TUM thesis advisors directly. Include detailed steps to reproduce the vulnerability. We will endeavor to respond within 5 business days and coordinate a fix.

Authentication Warning

Some prototype applications in this repository (e.g., Workshopper) do not currently have authentication layers implemented and are designed for VPN-internal or local academic use only. Do not deploy these components on public IP addresses without implementing proper authentication.

There aren't any published security advisories