Skip to content

Security: 0x77dev/pdf-sign

SECURITY.md

Security Policy

Reporting a vulnerability

Please report suspected vulnerabilities privately through GitHub's private vulnerability reporting for this repository:

https://github.com/0x77dev/pdf-sign/security/advisories/new

Do not open a public issue for a suspected vulnerability. Include enough detail to reproduce the issue when possible: affected version or commit, platform, input files or commands, expected behavior, and observed behavior.

Supported versions

Security reports are handled for the current main branch and the latest published tag or release of pdf-sign, if any. If you are unsure whether your build is affected, include the package version, commit, tag, or other build source you used.

Disclosure

Security fixes are coordinated through the private advisory until a fix is available. Public disclosure should wait until maintainers have had a reasonable chance to investigate and prepare a fix.

There aren't any published security advisories