We are committed to ensuring the security of secure-cm. Security updates are applied to the latest version.
| Version | Supported |
|---|---|
| 2025.x.x | ✅ |
| < 2025 | ❌ |
The security of this package is our top priority. We take all reported vulnerabilities seriously. If you discover a security vulnerability, please follow these steps:
-
Do not create a public GitHub issue. Please report the vulnerability privately.
-
Email the project author directly at
mamedul.pub@gmail.com. -
Please include "Security Vulnerability Report: secure-cm" in the subject line.
-
Provide a detailed description of the vulnerability, including:
-
Steps to reproduce the vulnerability.
-
The version of the package you are using.
-
Any relevant code snippets or proof-of-concept.
-
Potential impact of the vulnerability.
-
We will acknowledge your email within 48 hours and will work with you to understand and resolve the issue. We will provide you with a timeline for a fix and will publicly disclose the vulnerability once a patch is available.
We appreciate your efforts to responsibly disclose your findings and make this project more secure for everyone.