20 lines
470 B
Markdown
20 lines
470 B
Markdown
# Security Policy
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
If you find a security issue, please email security@lerkolabs.com rather than opening a public issue.
|
|
|
|
Include:
|
|
- Description of the vulnerability
|
|
- Steps to reproduce
|
|
- Potential impact
|
|
|
|
We'll acknowledge within 48 hours and aim to patch within 7 days for critical issues.
|
|
|
|
## Scope
|
|
|
|
- SSH server authentication
|
|
- Cluster API authentication
|
|
- Stored credentials (alert provider tokens)
|
|
- Status page information leakage
|