Skip to content

Security: Jeka8833/FoxyFace

SECURITY.md

Security Policy

If you have found a security vulnerability, please read the information below to learn how to report it safely and securely.


Supported Versions

Security updates are currently provided only for the latest stable release.

Version Supported
Latest Stable ✅ Supported
< Latest Stable ❌ Unsupported

Reporting a Vulnerability

⚠️ CRITICAL: Please do not use public GitHub Issues to report security vulnerabilities.

To report a vulnerability, please use one of the following private channels:

  1. GitHub Security Advisories (Preferred): Go to the Security Advisories tab and click "Report a vulnerability" to submit a private report.
  2. Direct Contact: Contact the author directly via the methods specified on @Jeka8833's GitHub profile.

What to include in your report:

To help us investigate and fix the issue faster, please include:

  • Description: A detailed description of the vulnerability and its potential impact.
  • Reproduction: Clear steps to reproduce the issue (including any Proof of Concept code or configuration).
  • Environment: The exact version of FoxyFace and the environment/OS where the issue was observed.

Our Response Process

  • Acknowledgement: We will acknowledge receipt of your report within 48 hours.
  • Investigation: Once confirmed, we will investigate the issue and keep you updated on our progress and the estimated time to patch.
  • Resolution & Credit: After the vulnerability is fixed, a new release will be published. We will gladly credit you for the discovery (unless you prefer to remain anonymous).

PS. Let's hope that no one ever needs this information, but there are a lot of libraries in the project.

There aren't any published security advisories