The Ambitus projects each have a security policy to enhance communications about emerging vulnerabilities. All projects in Ambitus have a private vulnerability reporting mechanism for issues discovered in the field that require a patch.
See SECURITY.md in the associated respository for each project for details about the project's supported versions.
Please note that this repository contains the common Ambitus project information and overall status. It does not have an associated installable code set. For the purposes of establishing a common structure for the project, it does have an associated release that is supported.
| Version | Supported |
|---|---|
| 1.0.0 | ✅ |
If you discover a vulnerability in the contents of this repository, please consider opening an issue describing the problem. If you wish to identify the problem privately, you may open a private security advisory to communicate directly with the team.
Vulnerabilities will be addressed within 2 weeks, using the channel (public issue or private advisory) where the issue was identified.