We aim to address security vulnerabilities in the latest stable release of Nakafa. Please ensure you are using the most up-to-date version before reporting an issue.
| Version | Supported |
|---|---|
| Latest | ✅ |
The Nakafa team takes security vulnerabilities seriously. We appreciate your efforts to responsibly disclose your findings.
To report a security vulnerability, please do not create a public GitHub issue. Instead, email the details of your findings directly to nakafaai@gmail.com.
Please include the following information in your report:
- A clear description of the vulnerability.
- Steps to reproduce the vulnerability.
- The version(s) of Nakafa affected.
- Any potential impact of the vulnerability.
- (Optional) Your name or handle for acknowledgment.
You can expect a response from us within 48-72 hours acknowledging receipt of your report. We will work with you to understand and address the issue promptly. We kindly ask that you refrain from publicly disclosing the vulnerability until we have had sufficient time to release a patch.
Thank you for helping keep Nakafa secure.