This document serves to outline the security policies in place for the IP-2-CloudResource project.
See below for a list of versions and their current support status for security patches.
| Version | Supported |
|---|---|
| 3.x.x | ✅ |
| 2.x.x | |
| < 2.0.0 | ❌ |
To report a vulnerability, please use GitHub's built-in private security reporting tool for this project. You should expect to hear a response within 5 business days.
Maintainers attempt to provide a remediation to a security vulnerability within the following SLO guidelines:
| Severity | Time to Remediation (TTR) |
|---|---|
| CRITICAL | 7 DAYS |
| HIGH | 30 DAYS |
| MEDIUM | 90 DAYS |
| LOW | 120 DAYS |