update security guidelines and vulnerability reporting

Adir Shitrit
2025-11-08 11:49:12 +02:00
parent e5eeb4fea5
commit cb9e072655

@@ -65,6 +65,7 @@ We follow responsible disclosure practices:
### Vulnerability Categories We're Interested In ### Vulnerability Categories We're Interested In
**High Priority:** **High Priority:**
- Memory safety violations - Memory safety violations
- Privilege escalation - Privilege escalation
- Code injection vulnerabilities - Code injection vulnerabilities
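Review bot: The commit subject does not match what this hunk shows around the "**High Priority:**" list. The header (-65,6 +65,7) records one added line, but the visible text is identical on both sides, so the change appears to be whitespace only. If that is the case, a subject such as "format SECURITY.md lists" would describe it better than "update security guidelines and vulnerability reporting". Any real wording change to the policy would be easier to review in a separate commit.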
@@ -72,15 +73,17 @@ We follow responsible disclosure practices:
- Sensitive data exposure - Sensitive data exposure
**Medium Priority:** **Medium Priority:**
- Denial of service - Denial of service
- Information disclosure - Information disclosure
- Logic flaws in detection algorithms - Logic flaws in detection algorithms
**Out of Scope:** **Out of Scope:**
- Issues requiring physical access - Issues requiring physical access
- Social engineering attacks - Social engineering attacks
- Third-party dependency vulnerabilities (unless exploitable through Ghost) - Third-party dependency vulnerabilities (unless exploitable through Ghost)
--- ---
*Last updated: November 2025* *Last updated: November 2025*
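Review bot: In the "**Out of Scope:**" list, the exception "(unless exploitable through Ghost)" is left undefined, and since this section is being touched it would be a good place to say what a reporter has to show for a dependency issue to count, for example that the affected dependency code is reachable from Ghost's own inputs. The header (-72,15 +73,17) records two added lines while the text on both sides is identical, so this hunk also looks like whitespace only. Please confirm that no wording was meant to change here, given the commit subject.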