Skip to content

Security: mar10/wsgidav

Security

Report a vulnerability

.github/SECURITY.md

Security Policy

Supported Versions

These project versions are currently being supported with security updates:

Version Supported
4.0.x
< 4.0

Reporting a Vulnerability

Thank you for reporting a security related issue using a private channel instead of opening a public issue!

The security team (i.e. me) will try to acknowledge and respond as quick as possible.

To report a security issue, please email

security(at)wwwendt.de

and, to your best knowledge, please

  • Include your name and affiliation (if any).
  • Include the scope of the vulnerability. Let us know who could use this exploit.
  • Mention the affected versions.
  • Document steps to identify the vulnerability. It is important that we can reproduce your findings.
  • Describe how to exploit vulnerability, give us an attack scenario.
  • If known, describe mitigations for the issue.

This project follows a 90 day disclosure timeline.

(See also Vulnerability Disclosure Cheat Sheet.)

Learn more about advisories related to mar10/wsgidav in the GitHub Advisory Database