The RHEL Lightspeed team at Red Hat takes security vulnerabilities seriously.
Please do not report security vulnerabilities through public GitHub issues.
Instead, use GitHub Security Advisories (GHSA) to report vulnerabilities privately.
We follow a 90-day responsible disclosure timeline:
- Report received and acknowledged within 5 business days
- Investigation and fix developed within 90 days
- Coordinated disclosure after fix is available
This policy applies to the docs2db project maintained by Red Hat's RHEL Lightspeed team.