Reporting a Vulnerability
We strongly encourage you to report potential security vulnerabilities to us first, before disclosing them in a public forum. Report any security vulnerabilities via email to firstname.lastname@example.org.Please send one plain-text email for each vulnerability you are reporting. We can then request more details later (screenshots, videos, etc.) in a secure manner. Patched vulnerabilities are noted in our release notes. Before reporting any vulnerabilities, please make sure a patch is not already available.
A high-level overview of our vulnerability handling process:
- A vulnerability is reported privately via email to Green Rocket Security
- If necessary, further information is gathered securely
- Green Rocket Security reviews and assesses the vulnerability
- Green Rocket Security includes a patch/fix in a subsequent GreenRADIUS update to address the vulnerability