If you discover a security vulnerability in this project, please report it responsibly.
Do not open a public GitHub issue for security vulnerabilities.
Please report security vulnerabilities via GitHub Security Advisories.
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested mitigations
- Acknowledgement: within 2 business days
- Initial assessment: within 5 business days
- Fix and disclosure: coordinated with the reporter
We actively maintain the latest release. Security patches are applied to the most recent version.
| Version | Supported |
|---|---|
| Latest | ✅ Yes |
| Older | ❌ No |
This policy covers security vulnerabilities in the Dakera deployment tooling, including:
- Docker Compose configurations and container definitions
- Helm chart templates and default values
- Startup scripts and environment configuration
- Network and service exposure settings
For vulnerabilities in the Dakera server itself, see the dakera repository. For the hosted Dakera service, use the same reporting channel above.