Skip to content

Security: IAAUTECO-inc/YGGDRASIL

Security

SECURITY.md

Vulnerability Disclosure Policy (VDP)

Supported Versions

Version Supported
1.x (Stable) ✅ Yes
0.x (Legacy) ❌ No

Reporting a Vulnerability

The security of critical infrastructure is our highest priority. If you identify a vulnerability, please follow this protocol:

  1. Do not open a public Issue.
  2. Submit a detailed report to [your-secure-email@domain.com].
  3. (Optional) Encrypt your message via our PGP Public Key (available upon request).

Response Timeline

  • Acknowledgment: 24-72 hours.
  • Analysis & Validation: 7 business days.
  • Remediation & Disclosure: Timeline based on severity.

We practice coordinated disclosure: we request that you do not disclose the vulnerability until a patch has been released.

There aren't any published security advisories