Skip to content

Security: Citadel-Cloud-Management/citadel-saas-factory

Security

.github/SECURITY.md

Security Policy

Supported Versions

Version Supported
3.x Yes
< 3.0 No

Reporting a Vulnerability

Please report security vulnerabilities to: security@citadelcloudmanagement.com

Do NOT open a public issue for security vulnerabilities.

Response Timeline

  • 24 hours: Acknowledge receipt
  • 72 hours: Provide initial assessment and remediation plan
  • 7 days: Release fix for critical vulnerabilities
  • 30 days: Release fix for non-critical vulnerabilities

Disclosure Policy

We follow coordinated disclosure. We ask that you:

  1. Report the vulnerability privately
  2. Allow reasonable time for a fix
  3. Do not exploit the vulnerability beyond proof of concept
  4. Do not disclose publicly until a fix is available

We will credit reporters in our security advisories unless anonymity is requested.

There aren't any published security advisories