Skip to content

Security: dukeofharen/httplaceholder

Security

docs/SECURITY.md

Security Policy

Reporting a Vulnerability

If there are any vulnerability in HttPlaceholder project, don't hesitate to report them.

  1. Use any of the private contact addresses.
  2. Describe the vulnerability.
  • If you have a fix, explain or attach it.
  • In the near time, expect a reply with the required steps. Also, there may be a demand for a pull request which include the fixes.

You should not disclose the vulnerability publicly if you haven't received an answer in some weeks. If the vulnerability is rejected, you may post it publicly within some hour of rejection, unless the rejection is withdrawn within that time period. After the vulnerability has been fixed, you may disclose the vulnerability details publicly over some days.

There aren’t any published security advisories