Skip to content

Security: inventree/InvenTree

Security

SECURITY.md

Security Policy

The InvenTree team take all security vulnerabilities seriously. Thank you for improving the security of our open source software. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.

Reporting a Vulnerability

Please report security vulnerabilities by emailing the InvenTree team at:

security@inventree.org

Someone from the InvenTree development team will acknowledge your email as soon as possible, and indicate the next steps in handling your security report.

The team will endeavour to keep you informed of the progress towards a fix for the issue, and subsequent release to the stable and development code branches. Where possible, the issue will be resolved within 90 days of reporting.

Learn more about advisories related to inventree/InvenTree in the GitHub Advisory Database