Skip to content

Latest commit

 

History

History
27 lines (18 loc) · 773 Bytes

File metadata and controls

27 lines (18 loc) · 773 Bytes

Security Policy

Supported Versions

Version Supported
1.x Yes

Reporting a Vulnerability

If you discover a security vulnerability in ALNUR, please do not open a public GitHub issue.

Instead, report it privately:

  1. Go to the Security tab of this repository
  2. Click Report a vulnerability
  3. Provide a clear description, steps to reproduce, and potential impact

We will respond within 72 hours and aim to release a fix within 14 days for confirmed vulnerabilities.

Scope

Reports are welcome for:

  • Remote code execution in the scanner itself
  • Path traversal when scanning user-supplied paths
  • Dependency confusion or supply chain issues
  • False negative patterns that would cause ALNUR to miss critical vulnerabilities