Skip to content

Security: cassiodeveloper/MARIA

SECURITY.md

Security Policy

Reporting a Security Issue

We take the security of M.A.R.I.A. (Managing Application Risk Integrated Analysis) seriously. If you discover any security issues or vulnerabilities, please disclose them responsibly by following these steps:

  1. Privately Notify Us: Please avoid publicly disclosing the issue until we have had a chance to address it. You can contact us directly via email at [email protected].

  2. Provide Details: Please provide us with detailed information about the vulnerability, including:

    • Steps to reproduce the issue
    • Possible impact of the vulnerability
    • Any suggested mitigations or fixes
  3. Be Patient: We will acknowledge your report within 48 hours and will strive to keep you informed about our progress in resolving the issue.

  4. Public Disclosure: We will coordinate with you regarding the timing of any public disclosure once the issue has been fully resolved.

Supported Versions

Currently, we support the latest version of MARIA. Security fixes will generally be applied to the latest release.

Version Supported
1.0.0
0.x.x

Vulnerability Disclosure Policy

  • We request that you do not publicly disclose any vulnerabilities without first contacting us.
  • We commit to acknowledging and responding promptly to security vulnerability reports.
  • We will provide fixes or workarounds for validated security vulnerabilities in a timely manner.

Contact Us

For any questions or concerns regarding security, please contact us at [email protected].

Acknowledgments

We thank all security researchers and users who have helped improve the security of MARIA by reporting vulnerabilities.

There aren’t any published security advisories