We sincerely request you to keep the vulnerability information confidential and responsibly disclose the vulnerabilities.
To report a vulnerability, please contact the Security Team: [email protected]. You can email the Security Team with the security details and the details expected for kurator vulnerability report.
The team will help diagnose the severity of the issue and determine how to address the issue. The reporter(s) can expect a response within 2 business day acknowledging the issue was received. If a response is not received within 2 business day, please reach out to any Security Team member (listed here, under the The Security Team section) directly to confirm receipt of the issue. We’ll try to keep you informed about our progress throughout the process.
- You think you discovered a potential security vulnerability in Kurator
- You are unsure how a vulnerability affects Kurator
- You need help tuning Kurator components for security
- You need help applying security related updates
- Your issue is not security related
If you think you discovered a vulnerability in another project that Kurator depends on, and that project has their own vulnerability reporting and disclosure process, please report it directly there.