We take the security of our project seriously and appreciate your efforts to responsibly disclose vulnerabilities. If you believe you have found a security vulnerability in the GoDS project, please report it by following the steps below.
A security vulnerability in the GoDS project is any issue that can potentially allow an attacker to compromise the integrity, availability, or confidentiality of the data structures and algorithms provided by the library. Examples include but are not limited to:
- Buffer Overflows
- Denial of Service (DoS)
- Improper Handling of User Input
- Insecure Use of Cryptographic Algorithms
- Memory Leaks
- Race Conditions
- Unsafe Concurrency Practices
Please report vulnerabilities by opening a private issue on our GitHub repository:
- GitHub Issue Tracker: Open a private issue here. Make sure the issue is marked as confidential and contains detailed information about the vulnerability and steps to reproduce it.
- Initial Acknowledgment: We will acknowledge receipt of your report within 2 business days.
- Assessment: We will assess the vulnerability and determine its impact. This process may take up to 5 business days.
- Mitigation: If the vulnerability is confirmed, we will work on a mitigation plan and provide an estimated timeline for the fix. This typically takes between 15 and 30 days.
- Disclosure: We will notify you when the vulnerability is fixed and coordinate a public disclosure, ensuring you receive credit for the discovery if you wish.
- GitHub Issue Tracker: Report an issue
Use this section to verify if the version of GoDS you are using is currently supported and eligible for security updates.
| Version | Supported |
|---|---|
| 1.x.y | ✅ |
| 0.x.y | ❌ |