Security is at the forefront of what we do. We make a significant effort to keep everything secure for our users, but if you happen to find parts of our code that are vulnerable, please let us know through huntr.dev so that we can address it.
You can also get ahold of us on our Gitter community channel.
These are the timeframes in which we aim to resolve any security issue, based on their severity:
Severity | Resolution time SLO |
---|---|
Critical | 2 days |
High | 5 days |
Medium | 14 days |
Low | 31 days |
Anyone reporting a vulnerability will be added to our credits permanently. Bounty rewards are determined by an industry-first equation from huntr.dev to understand the popularity, impact and value of repositories to the open source community.
Reconmap would like to thank the following people who have responsibly disclosed vulnerabilities to us:
- Ioan Iuga (https://cyberlegion.io/)
- Guilherme Rodrigues (https://twitter.com/guilhermesgi) and Brute Bee (https://twitter.com/BruteBee)
Please find the FAQ and Responsible disclosure policy from huntr.dev.