Security fixes are provided for the most recently released version of Neovolve.Configuration.DependencyInjection published on NuGet. Please upgrade to the latest release before reporting a vulnerability.
Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.
Instead, report them privately using GitHub's private vulnerability reporting. This opens a confidential advisory that only the maintainers can see.
When reporting, please include as much of the following as you can:
- The affected version(s) and target framework.
- A description of the vulnerability and its impact.
- Steps to reproduce, ideally a minimal reproducer or failing test.
- Any known workarounds.
This is a community-maintained open source project without a dedicated 24/7 response team, so please allow a reasonable amount of time for an initial response. We will acknowledge your report, work with you to understand and validate the issue, and coordinate the disclosure timeline with you once a fix is available.