Security Policy

Description: A clear description of the vulnerability
Impact: The potential impact and severity of the issue
Steps to Reproduce: Detailed steps to reproduce the vulnerability
Proof of Concept: If possible, include a proof-of-concept or example code
Affected Versions: Which versions of Trustpoint are affected
Suggested Fix: If you have suggestions for how to fix the issue

Reporting a Vulnerability

The Trustpoint team takes security vulnerabilities seriously. We appreciate your efforts to responsibly disclose your findings.

Report vulnerabilities privately through GitHub's security advisory feature:

This ensures your report remains private until we've addressed the issue and allows for secure collaboration.

Please include the following information in your report:

We will acknowledge receipt of your vulnerability report within 5 business days
We will provide an estimated timeline for a fix
We will keep you informed about the progress of addressing the vulnerability
Once the vulnerability is fixed, we will publicly acknowledge your responsible disclosure (unless you prefer to remain anonymous)

For general security questions or concerns, please contact:

For general questions and discussions, visit our GitHub Discussions.