Skip to content

Latest commit

 

History

History
18 lines (9 loc) · 1.2 KB

SECURITY.md

File metadata and controls

18 lines (9 loc) · 1.2 KB

Security Vulnerabilities

The CLA Assistant is built with security and data privacy in mind to ensure your data is safe.

Reporting

We are grateful for security researchers and users reporting a vulnerability to us, first. To ensure that your request is handled in a timely manner and non-disclosure of vulnerabilities can be assured, please follow the below guideline.

Please do not report security vulnerabilities directly on GitHub. GitHub Issues can be publicly seen and therefore would result in a direct disclosure.

For reporting a vulnerability, please use the Vulnerability Report Form for Security Researchers on SAP Trust Center. Please address questions about data privacy, security concepts, and other media requests using the Vulnerability Report Form for Security Researchers on SAP Trust Center.

Disclosure Handling

SAP is committed to timely review and respond to your request. The resolution of code defects will be handled by a dedicated group of security experts and prepared in a private GitHub repository. The project will inform the public about resolved security vulnerabilities via GitHub Security Advisories.