Skip to content

Latest commit

 

History

History
43 lines (26 loc) · 2.32 KB

SECURITY.md

File metadata and controls

43 lines (26 loc) · 2.32 KB

Medicod Security Policy

Reporting a Security Vulnerability

At Medicod, we take security seriously and welcome the assistance of the security community in making our platform more secure. If you discover a security vulnerability, please help us by responsibly disclosing it to us.

To report a security vulnerability, please follow these steps:

  1. Privately Notify Us: Send an email to [email protected] with a detailed description of the vulnerability. Do not post the issue publicly until we've had a chance to address it.

  2. Provide Details: In your report, include the following details:

    • A clear and concise description of the vulnerability.
    • Information on how to reproduce the vulnerability.
    • The version of Medicod affected by the vulnerability.
    • Any additional information that can help us understand and address the issue.
  3. Cooperate with Us: We will acknowledge the receipt of your report within [X] business days and work with you to understand and resolve the issue.

  4. Responsible Disclosure: After we have addressed the issue, we encourage responsible disclosure. We will work with you to determine an appropriate release schedule for the fix and provide you with credit in our release notes.

Security Updates

Medicod is committed to maintaining the security of our platform. We actively monitor for potential vulnerabilities and release updates as needed. We encourage all users to keep their installations up to date to benefit from these security improvements.

Security Patch Policy

When a security vulnerability is identified and confirmed, our policy is to:

  • Prioritize the issue and initiate immediate remediation.
  • Develop a patch or update to address the vulnerability.
  • Communicate the issue and provide details on the vulnerability to our users.
  • Release a new version of Medicod that includes the patch.
  • Notify users, through release notes or other appropriate channels, to update to the latest version containing the fix.

Contact

If you have any questions or concerns regarding this security policy, please contact us at [email protected].

License

This security policy is subject to the terms of [MIT License]. By participating in this project or using our software, you agree to abide by its terms.