| Version | Supported |
|---|---|
| latest | ✅ |
| older | ❌ |
If you discover a security vulnerability, please report it via:
Private vulnerability reporting (recommended)
Go to the Security Advisories page and click Report a vulnerability to submit a private report.
Alternatively, you can send details to security@koderover.com.
Please include the following information in your report:
- Type of vulnerability
- Full paths of source file(s) related to the vulnerability
- Location of the affected source code
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the issue
We aim to acknowledge reports within 48 hours and provide a target timeline for the fix. We follow a responsible disclosure process and will coordinate with you on the public disclosure.
- We request that you give us reasonable time to address the vulnerability before disclosing it publicly.
- We will credit reporters in the security advisory if desired.