Skip to content

Latest commit

 

History

History
53 lines (33 loc) · 2.72 KB

SECURITY.md

File metadata and controls

53 lines (33 loc) · 2.72 KB

Security Policy

Supported Versions

We are committed to maintaining the security and reliability of Green Haven. Below is the list of versions currently supported with security updates:

Version Supported
5.1.x ✅ Actively Supported
5.0.x ❌ End of Support
4.0.x ✅ Actively Supported
< 4.0 ❌ End of Life

Note: Only the latest minor releases within supported major versions will receive updates. If you are using an unsupported version, we strongly recommend upgrading to the latest supported version immediately to ensure security and stability.

Reporting a Vulnerability

We take security issues very seriously. If you discover a vulnerability in our platform, please follow the steps below to report it:

  1. Contact Us: Email the security team directly at [email protected] or [email protected] with the following information:

    • A detailed description of the vulnerability.
    • Steps to reproduce the issue.
    • Any potential impact you foresee.
    • Suggested mitigations (if applicable).

  2. Acknowledgment: Upon receipt of your report, you will receive an acknowledgment within 48 hours, confirming we have received your report and are investigating.

  3. Status Updates: You will receive updates on the progress of our investigation at regular intervals, typically every 7 days, until the issue is resolved.

  4. Resolution Timeline: Depending on the severity, we aim to resolve and deploy a fix within 14 to 30 days of confirming the vulnerability. Critical issues may be addressed sooner.

  5. Disclosure Policy: To protect users, we request that vulnerabilities not be publicly disclosed until we have deployed a patch. If you wish to disclose the issue after a fix, we will coordinate an appropriate timeline for responsible disclosure.

Security Best Practices

To ensure the safety of our users and contributors, Green Haven follows industry-standard security practices, including but not limited to:

  • Regular security audits of our codebase and infrastructure.
  • Dependency checks to prevent vulnerabilities in third-party packages.
  • Secure user authentication and authorization mechanisms.
  • Comprehensive logging and monitoring for potential security breaches.

Disclaimer

Green Haven does not assume liability for vulnerabilities caused by unsupported versions. Users are responsible for keeping their systems updated with the latest security patches.

Thank you for helping us keep Green Haven secure and reliable for everyone. Your efforts and diligence in reporting vulnerabilities are greatly appreciated.