We take the security of M.A.R.I.A. (Managing Application Risk Integrated Analysis) seriously. If you discover any security issues or vulnerabilities, please disclose them responsibly by following these steps:
-
Privately Notify Us: Please avoid publicly disclosing the issue until we have had a chance to address it. You can contact us directly via email at [email protected].
-
Provide Details: Please provide us with detailed information about the vulnerability, including:
- Steps to reproduce the issue
- Possible impact of the vulnerability
- Any suggested mitigations or fixes
-
Be Patient: We will acknowledge your report within 48 hours and will strive to keep you informed about our progress in resolving the issue.
-
Public Disclosure: We will coordinate with you regarding the timing of any public disclosure once the issue has been fully resolved.
Currently, we support the latest version of MARIA. Security fixes will generally be applied to the latest release.
| Version | Supported |
|---|---|
| 1.0.0 | ✅ |
| 0.x.x | ❌ |
- We request that you do not publicly disclose any vulnerabilities without first contacting us.
- We commit to acknowledging and responding promptly to security vulnerability reports.
- We will provide fixes or workarounds for validated security vulnerabilities in a timely manner.
For any questions or concerns regarding security, please contact us at [email protected].
We thank all security researchers and users who have helped improve the security of MARIA by reporting vulnerabilities.