Skip to main content
Version: 1.9

Disclosure

The Kubewarden team greatly appreciates investigative work into security vulnerabilities carried out by well-intentioned, ethical security researchers. We follow the practice of responsible disclosure in order to best protect Kubewarden's user-base from the impact of security issues. On our side, this means:

  • We will respond to security incidents on priority.
  • We will release fixes for issues as soon as is practical, keeping in mind that not all risks are created equal.
  • We will always transparently let the community know about any incident that affects them.

If you have found a security vulnerability in Kubewarden, we kindly ask that you disclose it responsibly by emailing kubewarden@suse.de. Please do not discuss potential vulnerabilities in public without validating with us first.

On receipt the security team will:

  • Review the report, verify the vulnerability and respond with confirmation and/or further information requests.
  • Once the reported security bug has been addressed we will notify the Researcher, who is then welcome to optionally disclose publicly.