Skip to content

Security: deecoyz/anuraOS

Security

SECURITY.md

Security Rating Vulnerabilities

Security Policy

Supported Versions

Version Supported
1.2.1
1.1.1
1.0.0

Reporting a Vulnerability

In the case that you somehow manage to find a vulnerability in Anura please contact [email protected]

REMEMBER: Please DO NOT report vulnerabilities in the repository Issues tab.

What You Should Report

If you are wondering what counts as a vulnerability, heres a good list:

  • XSS in the Anura URL
  • The ability to execute arbitrary code on the server hosting Anura (not in Anura itself, as this is an intended feature)
  • The ability to crash Anura (As in for everyone, not just your browser session)

Implementing Security (For Project Members and Contributors)

See SECURITY-BP.md for instructions on implementing security in your code.

There aren’t any published security advisories