Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Security: lifefinity/autopass

Security

SECURITY.md

Security Policy

Supported Versions

Version Supported
latest

Reporting a Vulnerability

If you discover a security vulnerability in autopass, please report it responsibly:

  1. Do NOT open a public GitHub issue
  2. Use GitHub Security Advisories to report privately
  3. Include:
    • Description of the vulnerability
    • Steps to reproduce
    • Potential impact
    • Suggested fix (if any)

Response Timeline

  • Acknowledgment: Within 48 hours
  • Initial assessment: Within 7 days
  • Fix release: Within 30 days for critical issues

Scope

Security issues we care about:

  • Secret leakage (decrypted secrets exposed in memory/logs/disk)
  • Encryption weaknesses (key derivation, AES-GCM usage)
  • PTY escape / command injection
  • Dependency vulnerabilities

Out of scope:

  • Attacks requiring physical access to an unlocked machine
  • Social engineering

There aren't any published security advisories

AltStyle によって変換されたページ (->オリジナル) /