Welcome to the ParityVend API Security Policy. We take the security of our software seriously, and we appreciate your help in keeping our services safe for everyone.
The security of ParityVend API is a top priority. If you believe you have found a security vulnerability in any supported version, please report it to us so we can work together to improve the security of ParityVend API.
To report a security issue, please follow the steps below:
- Send an email to "tech AT ambeteco DOT com".
- Include "Security Vulnerability Report" in the subject line.
- Provide a detailed description of the vulnerability, including the following where applicable:
- The version(s) affected.
- A description of the vulnerability and its potential impact.
- Steps to reproduce or a proof-of-concept (PoC).
- Any relevant screenshots or supporting information.
We kindly ask that you do not publicly disclose the vulnerability until we have had a reasonable amount of time to investigate and address it.
We will acknowledge your report within 5 business days and provide an estimated timeline for addressing the vulnerability. We may follow up with additional questions or requests for more information as we investigate the issue.
Once the vulnerability has been resolved, we will credit you in our release notes and security advisories, unless you prefer to remain anonymous.
When a vulnerability is discovered and deemed significant, we will release a patch as soon as possible, depending on the complexity of the fix. We will also provide a detailed report on our GitHub repository explaining the vulnerability, the fix, and steps for users to update.
We strive to follow secure development practices and regularly review our code for potential vulnerabilities. However, no software is perfect, and we appreciate the efforts of the security research community in helping us identify and address any issues.
Please note that we reserve the right not to address vulnerabilities that we deem to be low-risk or impractical to fix. In such cases, we will provide an explanation for our decision.
For any general queries related to the security policy, please contact us at "tech AT ambeteco DOT com".
Thank you for supporting the security of ParityVend API.