Skip to content

Security: ElsevierSoftwareX/SOFTX-D-24-00373

Security

SECURITY.md

Security Policy

Supported Versions

AISdb is committed to maintaining the security of our software and promptly addressing security vulnerabilities. The following table provides an overview of the versions of AISdb currently receiving security updates:

Version Supported
> 1.7.0
< 1.7.1

Reporting a Vulnerability

The AISdb team takes security vulnerabilities seriously. If you discover a security issue within AISdb, please report it by following the guidelines below. This allows us to assess the risk and take the necessary steps to mitigate the vulnerability as quickly as possible.

How to Report a Security Vulnerability:

  • Email: Send an email to aisviz@dal.ca. Please include a detailed description of the issue, including the steps to reproduce the vulnerability. If possible, include patches, scripts, or other resources that could help evaluate the vulnerability.
  • GitHub Issue: For vulnerabilities that do not immediately impact the security of the project or its users (such as potential optimizations or best practices), consider opening a GitHub issue on our repository.

Response Expectations:

  • Acknowledgment: You can expect to receive an acknowledgment of your report within 72 hours.
  • Communication: We will keep you informed of your report's status, including the vulnerability assessment, throughout the resolution process.
  • Confidentiality: Please keep the communication regarding the security issue confidential until we have assessed the impact and publicly disclosed the vulnerability.
  • Disclosure: Once the vulnerability has been addressed, we will provide a report about the issue, the steps taken to resolve it, and any applicable acknowledgments to those who reported it.

We appreciate your support in making AISdb more secure. By following these guidelines, we can work together to ensure the security and integrity of the AISdb project.

There aren’t any published security advisories