Report a vulnerability
Please fill out the form to report a vulnerability or email a description to email@example.com.
Our disclosure timeline
- Vulnerability is identified or Disclosed to Node Security Platform - We will endeavor to keep reporter / finder in the loop with all communications / events.
- Maintainers are notified if it's not a self disclosure.
- Node Security subscribers are notified and provided guidance and recommendations for mitigation
- After a fix is made available the public advisory is finalized and a CVE requested.
- If no fix is available after 45 days the advisory will timeout and will be made publicly available.