mirror of
https://github.com/gchq/CyberChef
synced 2024-12-27 13:03:11 +00:00
26 lines
1.3 KiB
Markdown
26 lines
1.3 KiB
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
CyberChef is supported on a best endeavours basis. Patches will be applied to
|
|
the latest version rather than retroactively to older versions. To ensure you
|
|
are using the most secure version of CyberChef, please make sure you have the
|
|
[latest release](https://github.com/gchq/CyberChef/releases/latest). The
|
|
official [live demo](https://gchq.github.io/CyberChef/) is always up to date.
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
In most scenarios, the most appropriate way to report a vulnerability is to
|
|
[raise a new issue](https://github.com/gchq/CyberChef/issues/new/choose)
|
|
describing the problem in as much detail as possible, ideally with examples.
|
|
This will obviously be public. If you feel that the vulnerability is
|
|
significant enough to warrant a private disclosure, please email
|
|
[oss@gchq.gov.uk](mailto:oss@gchq.gov.uk) and
|
|
[n1474335@gmail.com](mailto:n1474335@gmail.com).
|
|
|
|
Disclosures of vulnerabilities in CyberChef are always welcomed. Whilst we aim
|
|
to write clean and secure code free from bugs, we recognise that this is an open
|
|
source project written by analysts in their spare time, relying on dozens of
|
|
open source libraries that are modified and updated on a regular basis. We hope
|
|
that the community will continue to support us as we endeavour to maintain and
|
|
develop this tool together.
|