| Version | Supported |
|---|---|
| 0.1.x | ✅ |
If you discover a security vulnerability in python-icap, please report it responsibly:
- Do not open a public GitHub issue for security vulnerabilities
- Email the maintainers directly or use GitHub's private vulnerability reporting
- Include as much detail as possible:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Initial Response: Within 48 hours
- Status Update: Within 7 days
- Resolution Target: Within 30 days (depending on complexity)
When using python-icap:
- Always use TLS/SSL when connecting to ICAP servers over untrusted networks
- Validate and sanitize any user-provided input before passing to ICAP methods
- Keep python-icap and its dependencies up to date
- Review ICAP server configurations for security hardening