Skip to content

Security: kuvasz-uptime/kuvasz

Security

Report a vulnerability

SECURITY.md

Security Policy for Kuvasz

At Kuvasz, we take the security of our project seriously. This document outlines our security policy, including how to report vulnerabilities, our disclosure policy, and supported versions.

Reporting a Vulnerability

We appreciate the efforts of security researchers and the community in helping us keep Kuvasz secure. If you discover a security vulnerability within Kuvasz, please report it to us as soon as possible.

Please DO NOT open a public GitHub issue.

Instead, please report vulnerabilities via:

When reporting, please include the following information:

  • A clear and concise description of the vulnerability.

  • Steps to reproduce the vulnerability.

  • The version(s) of Kuvasz affected.

  • Any potential impact of the vulnerability.

  • Your contact information (optional, but helpful for follow-up).

We aim to acknowledge receipt of your report within 48 hours.

Disclosure Policy

Once a vulnerability is reported, we will:

  1. Confirm Receipt: Acknowledge your report within 48 hours.

  2. Investigate: Our team will investigate the reported vulnerability to confirm its existence and impact.

  3. Remediate: If confirmed, we will work diligently to develop a fix.

  4. Notify: We will keep you informed of our progress.

  5. Public Disclosure: Once a fix is available and widely deployed (e.g., through a new release), we will disclose the vulnerability publicly, giving credit to the reporter (unless they wish to remain anonymous). We aim for a coordinated disclosure, allowing users sufficient time to update.

We strive to fix critical vulnerabilities as quickly as possible, typically within 90 days, but this timeline may vary depending on the complexity of the issue.

Supported Versions

We currently provide security updates for the following versions of Kuvasz:

Version Supported
1.x.x ❌ No
2.x.x ✅ Yes

Users are strongly encouraged to use the latest supported version to ensure they receive all security patches.

Security Best Practices for Users

To help keep your use of Kuvasz secure:

  • Always use the latest stable and supported version of Kuvasz.

  • Keep your development environment and dependencies up to date.

  • Follow secure coding practices if you are contributing to or extending Kuvasz.

  • Regularly review your own code and configurations for potential security weaknesses.

Thank you for helping us make Kuvasz a secure project for everyone.

There aren’t any published security advisories