github.com/anchore/syft@v1.38.2/SECURITY.md

github.com/anchore/syft@v1.38.2/SECURITY.md (about)

     1  # Security Policy
     2  
     3  ## Supported Versions
     4  
     5  <!-- Use this section to tell people about which versions of your project are
     6  currently being supported with security updates.
     7  
     8  | Version | Supported          |
     9  | ------- | ------------------ |
    10  | 5.1.x   | :white_check_mark: |
    11  | 5.0.x   | :x:                |
    12  | 4.0.x   | :white_check_mark: |
    13  | < 4.0   | :x:                |
    14  
    15  -->
    16  
    17  Security updates are applied only to the most recent release, try to always be up to date.
    18  
    19  ## Reporting a Vulnerability
    20  
    21  <!-- Use this section to tell people how to report a vulnerability.
    22  
    23  Tell them where to go, how often they can expect to get an update on a
    24  reported vulnerability, what to expect if the vulnerability is accepted or
    25  declined, etc. -->
    26  
    27  To report a security issue, please email
    28  [security@anchore.com](mailto:security@anchore.com)
    29  with a description of the issue, the steps you took to create the issue,
    30  affected versions, and, if known, mitigations for the issue.
    31  
    32  All support will be made on a best effort basis, so please indicate the "urgency level" of the vulnerability as Critical, High, Medium or Low.