You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- A clear description of the vulnerability and its potential impact
33
+
- Steps to reproduce or a proof-of-concept
34
+
- Affected package(s) and version(s)
35
+
- Any suggested mitigations, if known
36
+
37
+
### Response Timeline
38
+
39
+
1.**Acknowledgement** — We aim to acknowledge reports within **4 days**.
40
+
2.**Assessment** — We will confirm the issue, determine severity, and identify affected versions.
41
+
3.**Fix & Release** — A patch release will be prepared and coordinated with the reporter.
42
+
4.**Disclosure** — A GitHub Security Advisory (and CVE if applicable) will be published after the fix is available.
43
+
44
+
We follow [coordinated vulnerability disclosure](https://vuls.cert.org/confluence/display/CVD). Reporters are credited in the advisory unless they prefer otherwise.
0 commit comments