Skip to content

Security: reallyme/cose

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Report suspected vulnerabilities privately through GitHub Security Advisories: open the repository's Security tab and choose Report a vulnerability. Do not open public issues or pull requests for suspected vulnerabilities.

Include the affected crate version, a description of the issue, and a reproduction if available. Do not include exploit payloads targeting third-party deployments.

Supported Versions

Only the latest published version of reallyme-cose receives security fixes.

Scope

This policy covers the reallyme-cose crate in this repository. Issues in reallyme-crypto, reallyme-codec, or other dependencies should be reported to their respective repositories.

There aren't any published security advisories