Skip to content

Security: thalovant/json_database

SECURITY.md

Security Policy

Reporting a vulnerability

Please report suspected vulnerabilities privately by emailing hello@thalovant.com.

Do not open a public issue for a suspected vulnerability. Include the affected repository or package, the observed behavior, and the minimum reproduction details needed to investigate. Do not include real credentials, customer data, or private exploit details in public channels.

The maintainers will acknowledge critical reports within one hour and high severity reports within one business day. The remediation targets are 24 hours for critical findings and seven days for high findings.

This organization-level policy applies to Thalovant repositories that do not contain a more specific local SECURITY.md.

There aren't any published security advisories