At PrivatePing, we take security seriously. If you believe you have found a security vulnerability in our project, we encourage you to let us know right away. We appreciate your efforts and will do our best to address the issue promptly.
To report a security vulnerability, please send an email to info[at]princekhunt.com with the following details:
- Description of the vulnerability
- Steps to reproduce the vulnerability
- Any additional information or context that may be helpful
We kindly request that you refrain from publicly disclosing the vulnerability until we have had an opportunity to address it.
Upon receiving a security vulnerability report, we will strive to follow these general timelines:
- Acknowledgment: We will acknowledge your report within 48 hours of receiving it.
- Investigation: Our team will investigate and validate the vulnerability's presence within the project. This process may take some time depending on the complexity of the issue.
- Resolution: Once validated, we will work diligently to develop and test a fix for the vulnerability.
- Disclosure: We will coordinate with you regarding the public disclosure of the vulnerability. Generally, we aim to release a fix and disclose the vulnerability within 30 days of initial report, provided it does not require additional coordination with third-party vendors or dependencies.
This security policy applies to vulnerabilities discovered in (PrivatePing's GitHub repository).
Please note that this policy does not cover security vulnerabilities in third-party dependencies. If you believe a vulnerability exists in a third-party dependency used by PrivatePing, please follow responsible disclosure practices and report it directly to the maintainers of the affected project.
As a token of our appreciation for responsibly disclosing security vulnerabilities, we may offer rewards or acknowledgments to individuals who report valid vulnerabilities. The nature and extent of any reward will be determined at our discretion.
We greatly value your assistance in helping us maintain the security of PrivatePing. Thank you for your contributions to the safety and integrity of our project.