photoprism/SECURITY.md

22 lines
898 B
Markdown
Raw Normal View History

2021-10-23 18:31:29 +02:00
**Please contact us at [security@photoprism.app](mailto:security@photoprism.app) when you've discovered a potential security issue.**
2021-05-31 17:06:18 +02:00
2021-10-23 18:31:29 +02:00
At a minimum, your report should include the following:
2021-05-31 17:06:18 +02:00
2021-10-23 18:31:29 +02:00
* Version and architecture
* Vulnerability description
* Reproduction steps
2021-05-31 17:06:18 +02:00
2021-10-23 18:31:29 +02:00
We will then try to reproduce the problem, determine the impact and get back to you as soon as possible.
2021-05-31 17:06:18 +02:00
2021-10-23 18:31:29 +02:00
Avoid activities that disrupt, degrade, or interrupt our services or compromise other users' data, such as spam, brute force attacks, denial of service attacks, and malicious file distribution.
2021-05-31 17:06:18 +02:00
2021-10-23 18:31:29 +02:00
You are welcome to also report vulnerabilities in third-party applications that we may not be able to fix directly.
2021-05-31 17:06:18 +02:00
### Responsible Disclosure ###
2021-10-23 18:31:29 +02:00
1. Confirm that the vulnerability applies to a current version
2. First share the vulnerability details with us
3. Wait for resolution before sharing details
**Thank you!** 👍