uptime-kuma/SECURITY.md

1.3 KiB

Security Policy

Reporting a Vulnerability

  1. Please report security issues to https://github.com/louislam/uptime-kuma/security/advisories/new.
  2. Please also create a empty security issues for alerting me, as GitHub Advisory do not send a notification, I probably will miss without this. https://github.com/louislam/uptime-kuma/issues/new?assignees=&labels=help&template=security.md

Do not use the public issue tracker or discuss it in the public as it will cause more damage.

Do you accept other 3rd-party bug bounty platforms?

At this moment, I DO NOT accept other bug bounty platforms, because I am not familiar with these platforms and someone have tried to send a phishing link to me by this already. To minimize my own risk, please report through GitHub Advisories only. I will ignore all 3rd-party bug bounty platforms emails.

Supported Versions

Uptime Kuma Versions

You should use or upgrade to the latest version of Uptime Kuma. All 1.X.X versions are upgradable to the lastest version.

Upgradable Docker Tags

Tag Supported
1
1-debian
latest
debian
1-alpine ⚠️ Deprecated
alpine ⚠️ Deprecated
All other tags