RandomSec/SECURITY.md
Thad Guidry efb6a032c8
Add Security Policy on how we handle reports (#3405)
* Add Security Policy on how we handle reports

* Update SECURITY.md

Co-authored-by: Antonin Delpeuch <antonin@delpeuch.eu>

* Add note about privately reporting

...to the openrefine-coredev@googlegroups.com mailing list
Note, mailing list group is private already but does indeed allow outside persons to email to us.
** Group members - can post but posts from new members will be held for moderation.

Co-authored-by: Antonin Delpeuch <antonin@delpeuch.eu>
2021-03-03 11:33:21 +01:00

729 B

OpenRefine Security Policy

Supported Versions

Version Supported
3.4.x
<= 3.3

Reporting a Vulnerability

You can privately report a vulnerability to us by sending a report to this private mailing list mailto:openrefine-coredev@googlegroups.com

Our core team will try their best to fix any valid vulnerability that is reported to them.

Keep in mind that OpenRefine is designed to run locally on a users PC, while also making network calls across the internet only upon a users choice or command.

As such, certain vulnerabilities might not apply to OpenRefine's design.