If you discover a security vulnerability, please report it responsibly:
Email: [email protected]
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
- Acknowledgment: Within 48 hours
- Initial assessment: Within 1 week
- Resolution: Depends on severity (critical issues prioritized)
This policy covers:
- RunAnywhere SDK code (Swift, Kotlin, React Native, Flutter)
- Native libraries (runanywhere-commons)
- Example applications
Please do not publicly disclose vulnerabilities until we've had a chance to address them. We appreciate your help in keeping our users safe.