mirror of
https://github.com/mustbeperfect/definitive-opensource.git
synced 2026-04-18 12:54:09 +02:00
28 lines
975 B
Markdown
28 lines
975 B
Markdown
# Security Policy
|
|
|
|
The inherent nature of this project has no security vulnerabilities, but this isn't the case for the hundreds of projects we feature here. Raise an issue if a project had/is having a security incident, and it will be labeled with the appropriate tag.
|
|
|
|
|
|
|
|
`🟡` `🟠` `🔴` `⭕` - Security incident **(Minor, Moderate, Major, Critical)**
|
|
|
|
`🟡` - Low impact issues that do not significantly compromise security
|
|
* Weak encryption
|
|
* Oudated dependencies with low-severity CVEs.
|
|
* Minor security concerns raised but not actively exploited
|
|
|
|
|
|
`🟠` - Issues that pose a potential risk but not actively exploited
|
|
* Outdated dependencies with moderate-severity CVEs
|
|
|
|
|
|
`🔴` - High impact issues that are being actively exploited, resulting in a significant security breach
|
|
* Outdated dependencies with major security risks
|
|
* Leaked API keys
|
|
|
|
|
|
`⭕` - Catastrophic issues with widespread impact
|
|
* Zero-day exploits
|
|
* Full system compromise
|
|
* Mass data breach
|