31 lines
1.4 KiB
Markdown
31 lines
1.4 KiB
Markdown
# MindsDB Security Policy
|
|
|
|
At MindsDB, we consider the security of our systems a top priority. However, no matter how much effort we put into system security, there can still be vulnerabilities present.
|
|
Supported Versions
|
|
|
|
MindsDB only offers security patches for the following versions
|
|
|
|
| Version | Supported |
|
|
| ------- | ------------------ |
|
|
| >=23.6.1.1 | :white_check_mark: |
|
|
|
|
### Reporting a Vulnerability
|
|
|
|
If you discover a security vulnerability, we appreciate your efforts to responsibly disclose your findings by sending an email to hello@mindsdb.com, providing as much detail as you can. Please do not publicly disclose these details without express consent from us.
|
|
|
|
Upon receiving your email, our security team will assess and respond to your report. We strive to keep all communication channels open with you to address your report effectively.
|
|
Disclosure Policy
|
|
|
|
Once we have received and evaluated your vulnerability report, MindsDB commits to:
|
|
|
|
* Confirm the receipt of your report
|
|
* Assess the vulnerability report to confirm its validity
|
|
* Work on a fix and update the impacted versions
|
|
* Publicly disclose the vulnerability after it has been addressed, giving credit to the reporter if they wish
|
|
|
|
### Comments on this Policy
|
|
|
|
If you have any suggestions to improve this policy, please let us know. We are committed to ensuring that our policy works effectively for everyone involved.
|
|
|
|
Thank you for helping to make MindsDB safer for everyone.
|