ActiveCipherStorage is a security-sensitive library. Please report suspected vulnerabilities privately.
Until the first stable release, security fixes target the latest released version and main.
| Version | Supported |
|---|---|
| 0.1.x | Yes |
Do not open a public GitHub issue for a vulnerability.
Please report security issues using GitHub's private vulnerability reporting feature if it is enabled for the repository:
https://github.com/codebyjass/active-cipher-storage/security/advisories/new
If private vulnerability reporting is not available, open a minimal issue asking for a private contact channel without including exploit details.
Include as much of the following as possible:
- Affected version or commit.
- Description of the issue and impact.
- Steps to reproduce.
- Any proof-of-concept code.
- Suggested mitigation, if known.
Reports will be reviewed as quickly as possible. Valid vulnerabilities will be fixed in a patch release when appropriate, and the changelog will note the security impact without exposing unnecessary exploit detail.