Skip to content

Security: Ingridamilsina/cirrus-ci-docs

Security

docs/security.md

Security Policy

Reporting a Vulnerability

If you find a security vulnerability in the Cirrus CI platform (the backend, web interface, etc.), please follow the steps below.

  1. Do NOT comment about the vulnerability publicly.

  2. Please email [email protected] with the following format:

    Subject: Platform Security Risk
    
    HOW TO EXPLOIT
    
    Give exact details so our team can replicate it.
    
    OTHER INFORMATION
    
    If anything else needs to be said, put it here.
    
  3. Please be patient. You will get an email back soon.

Thank you! 🙌

There aren’t any published security advisories