Please use the following versions of WEM as they are currently being supported with security updates.
Version | Supported |
---|---|
1.11 | ✅ |
< 1.10 | ❌ |
We take the security of our project very seriously. If you have discovered a security vulnerability within WEM, we encourage you to inform us immediately. Please follow these steps to report it responsibly.
-
Do not publish the details of the vulnerability publicly. This includes discussion forums or other GitHub issues that are not secured.
-
Send a detailed report to
contact@wem-project.org
. Be sure to include the necessary information to reproduce the issue. This helps us to quickly understand the scope and urgency of the situation. -
Do not disclose the details of the vulnerability to others until we have had a chance to address it. We will give you a timeline of when and how the issue will be dealt with. We appreciate your help in maintaining confidentiality until we have a fix in place.
We will review all vulnerability reports and do our best to confirm the issues quickly. Once confirmed, we will release an update as swiftly as possible, depending on the complexity of the issue.
Once a vulnerability in WEM has been fixed, we commit to publishing a public disclosure to inform the community about the issues and their solutions. This disclosure will include acknowledgments to the security researchers who have helped resolve the problem.
Thank you for helping us make WEM safer and we appreciate your effort in reporting issues responsibly.
Thank you for contributing to the security of WEM!