Skip to content

Security: billymaulana/nuxt-actions

Security

SECURITY.md

Security Policy

Supported Versions

Version Supported
1.0.x
< 1.0

Reporting a Vulnerability

Please do NOT open public issues for security vulnerabilities.

Instead, report vulnerabilities through one of these channels:

  1. GitHub Security Advisories (preferred): Create a security advisory

  2. Direct contact: Open a private vulnerability report via GitHub's security tab.

What to Include

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if any)

What to Report

  • Input validation bypasses
  • Prototype pollution vulnerabilities
  • Server-side injection risks
  • Authentication/authorization bypasses in middleware
  • Information disclosure through error messages
  • Denial of service vectors

Response Timeline

  • Acknowledgment: Within 48 hours
  • Assessment: Within 5 business days
  • Fix for critical issues: Within 7 days
  • Fix for non-critical issues: Next patch release

Disclosure

We follow coordinated disclosure. We will work with you to understand and address the issue before any public disclosure.

There aren't any published security advisories