Skip to content

Security: sassoftware/clinical-standards-toolkit

Security

SECURITY.md

Security Policy

Project mainainers and community contributors take security issues seriously. We appreciate efforts to disclose potential issues responsibly, and we aim to acknowledge viable contributions. To aid investigation of any reported vulnerability(s), please follow the guidelines below when submitting your finding.

Reporting guidelines

To report a suspected security issue, use private vulnerability reporting.

  1. Click the Security tab
  2. Click the Report a vulnerability button

Then provide the following information with suspected security issues:

  • Your name and affiliation
  • Version/build-date of project
  • Issue description
  • Steps to reproduce the issue
  • Current public knowledge of this vulnerability (e.g. related CVE, security advisory, etc.), if known

In project release notes, we'll acknowledge contributors who provide security-related insights in their commits.

There aren’t any published security advisories