|
|
@@ -0,0 +1,31 @@
|
|
|
+# Security Policy
|
|
|
+
|
|
|
+## Supported Versions
|
|
|
+
|
|
|
+latest
|
|
|
+
|
|
|
+## Reporting a Vulnerability
|
|
|
+
|
|
|
+Please do not report security vulnerabilities through public GitHub issues.
|
|
|
+
|
|
|
+Instead, please report them at https://github.com/opendatalab/MinerU/security.
|
|
|
+
|
|
|
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
|
|
|
+
|
|
|
+ * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
|
|
|
+ * Full paths of source file(s) related to the manifestation of the issue
|
|
|
+ * The location of the affected source code (tag/branch/commit or direct URL)
|
|
|
+ * Any special configuration required to reproduce the issue
|
|
|
+ * Step-by-step instructions to reproduce the issue
|
|
|
+ * Proof-of-concept or exploit code (if possible)
|
|
|
+ * Impact of the issue, including how an attacker might exploit the issue
|
|
|
+
|
|
|
+This information will help us triage your report more quickly.
|
|
|
+
|
|
|
+## Preferred Languages
|
|
|
+
|
|
|
+We prefer all communications to be in English and Chinese.
|
|
|
+
|
|
|
+## Policy
|
|
|
+
|
|
|
+We will fix security issues in the project's own code as quickly as possible. Before the project completes the fix, you must not disclose the vulnerability information to any public platform.
|
Xiaomeng Zhao