github.com/argoproj-labs/argocd-operator@v0.10.0/docs/SECURITY.md

github.com/argoproj-labs/argocd-operator@v0.10.0/docs/SECURITY.md (about)

     1  # Security
     2  
     3  ## Reporting a Vulnerability
     4  
     5  If you find a security related bug in Argo CD Operator, we kindly ask you for responsible
     6  disclosure and for giving us appropriate time to react, analyze and develop a
     7  fix to mitigate the found security vulnerability.
     8  
     9  Please report vulnerabilities via e-mail to the following address:
    10  
    11  * argocd-operator-security@redhat.com
    12  
    13  All vulnerabilities and associated information will be treated with full confidentiality.
    14  
    15  ## Public Disclosure
    16  
    17  Security vulnerabilities will be disclosed via release notes. Release notes for a specific release can be found under the Releases section. For example, release notes for v0.3.0 can be found [here](https://github.com/argoproj-labs/argocd-operator/releases/tag/v0.3.0) and using the
    18  [GitHub Security Advisories](https://github.com/argoproj-labs/argocd-operator/security/advisories)
    19  feature to keep our community well informed, and will credit you for your findings (unless you prefer to stay anonymous, of course).
    20  
    21  !!! note 
    22      Please report the vulnerabilities related to Argo CD operator only. Please read Argo CD security [policy](https://github.com/argoproj/argo-cd/blob/master/SECURITY.md) if you would like to report any vulnerabilities related to Argo CD.