mirror of
https://github.com/mustbeperfect/definitive-opensource.git
synced 2026-04-18 16:13:24 +02:00
# Security Policy

By its nature, this project itself has no security vulnerabilities, but that isn't the case for the hundreds of projects we feature here. Raise an issue if a featured project has had or is having a security incident, and it will be labeled with the appropriate tag.

`🟡` `🟠` `🔴` `⭕` - Security incident **(Minor, Moderate, Major, Critical)**
```
🟡 - Low impact issues that do not significantly compromise security
* Weak encryption
* Outdated dependencies with low-severity CVEs
* Minor security concerns raised but not actively exploited
```

```
🟠 - Issues that pose a potential risk but are not actively exploited
* Outdated dependencies with moderate-severity CVEs
```

```
🔴 - High impact issues that are being actively exploited, resulting in a significant security breach
* Outdated dependencies with major security risks
* Leaked API keys
```

```
⭕ - Catastrophic issues with widespread impact
* Zero-day exploits
* Full system compromise
* Mass data breach
```