Skip to content

Security: dotorg-projects/data-finder

Security

SECURITY.md

Security Policy

Supported Versions

Security fixes are provided for the latest released version of EP Finder.

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues.

Report suspected vulnerabilities by using GitHub private vulnerability reporting when it is enabled for this repository. If private vulnerability reporting is unavailable, contact the maintainers through the organization channels listed in the repository profile and include:

  • A description of the vulnerability and affected version.
  • Steps to reproduce or a minimal proof of concept.
  • Potential impact.
  • Any recommended mitigation, if known.

Maintainers should acknowledge reports within 7 days and coordinate disclosure timelines with the reporter.

Scope

EP Finder is a .NET library that integrates with Entity Framework Core. Reports are in scope when they affect the library, package metadata, build and release automation, or project documentation that may cause insecure usage.

Issues in third-party dependencies should also be reported upstream to the relevant project.

There aren't any published security advisories