Skip to content

Security: Yivan/pimcore

Security

SECURITY.md

Security Policy

Supported Versions

see suppored versions here.

Reporting a Vulnerability

If you think that you have found a security issue in Pimcore, don’t use the bug tracker and don’t publish it publicly. Instead, all security issues must be reported via this form.

Resolving Process

Every submitted security issue is handled with top priority by the core-team by following these steps:

  1. Confirm the vulnerability
  2. Determine the severity
  3. Contact reporter
  4. Work on a patch
  5. Get a CVE identification number (may be done by the reporter or a security service provider)
  6. Patch reviewing
  7. Tagging a new release for supported versions
  8. Publish security announcement

There aren’t any published security advisories