Security is very important to us.
If you have discovered a security issue, please contact [email protected] directly. Please refrain from directly creating a GitHub issue and publicly disclosing the vulnerability. We prefer a Coordinated Vulnerability Disclosure (CVD) to properly understand and fix the root cause problem.
Your report should include:
- Product version (GitHub commit hash or DockerHub sha256 digest hash)
- The affected component if possible (RoomClient.js, Server.js, etc.)
- A vulnerability description
- Reproduction steps
A member of the security team will confirm the vulnerability, determine its impact, and develop a fix. The fix will be applied to the master branch, tested, and packaged in the next security release.
Thanks in advance for your support to make our products safer!
We would like to extend our gratitude to the following individuals for their responsible disclosure of security vulnerabilities:
| Name | Contact |
|---|---|
Hendrik Siewert |
[email protected] |
Caio Fook |
https://github.com/caiofook |
Nishant Jain |
https://twitter.com/realArcherL |
Their dedication to security has contributed to the continuous improvement of our systems, ensuring the safety and privacy of our users and data.