Currently, we are providing security updates for the following versions of this project:
| Version | Supported |
|---|---|
| 1.0.x | ✅ |
We take the security of our project seriously. If you believe you've found a security vulnerability, please follow these steps:
-
Do not disclose the vulnerability publicly - Please do not create a public GitHub issue for security vulnerabilities.
-
Report the vulnerability - Send details of the vulnerability to AWS/Amazon Security via the vulnerability reporting page.
-
Provide details - Please include as much information as possible, including:
- The type of vulnerability
- Full paths of affected files
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any potential fixes you've identified
-
Response time - We aim to acknowledge receipt of vulnerability reports within 48 hours and will strive to provide a more detailed response within 96 hours.
-
Resolution and disclosure - We'll work with you to understand and resolve the issue. We'll coordinate with you on the disclosure timeline.
Thank you for helping to keep our project and our users secure!