Skip to content

Security: OWASP/cornucopia

SECURITY.md

Security Policy

Supported Versions

The versions of each of the sets of game cards currently supported by Cornucopia include.

Version Supported
ecommence edition =< 1.2
eop cards =< 1.0

Disclosing a Vulnerability

If you find that there are issues with the cards themselves, or with the build mechanisim for outputting the cards please raise a PR (https://github.com/OWASP/cornucopia/pulls) or create an issue (https://github.com/OWASP/cornucopia/issues) on GitHab and we'll look into it. Any vulnerabilities in libraries should be automatically resolved by dependabot and merged by the project team within 30 days but if you discover one that hasn't been please feel free to reach out to [email protected]

As a general rule the project team aims to resolve Critical Vulnerabilities immediately, Highs and Mediums with-in 30 days and Lows will be taken on a case-by-case basis.

There aren’t any published security advisories