From 57bb7ba4b4ae7af2202a17112c95d5c36053eda0 Mon Sep 17 00:00:00 2001 From: Grant Limberg Date: Mon, 6 Mar 2023 12:39:27 -0800 Subject: [PATCH] more details for reporting an issue --- SECURITY.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/SECURITY.md b/SECURITY.md index 6729447f0..b6ea8d654 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -20,6 +20,19 @@ The following versions of ZeroTier one receive security updates Instead, please report vulerabilities via email to security@zerotier.com. If possible, please encrypt with our PGP key (see below). +Please include the following information, or as much as you can provide to help us +understand the nature and scope of the issue: + + + * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) + * Full paths of source file(s) related to the manifestation of the issue + * The location of the affected source code (tag/branch/commit or direct URL) + * Any special configuration required to reproduce the issue + * Step-by-step instructions to reproduce the issue + * Proof-of-concept or exploit code (if possible) + * Impact of the issue, including how an attacker might exploit the issue + + ## Preferred Languages We prefer all communications to be in English.