
Security: ItsWanheda/SpectraScan

SECURITY.md

Security Policy

We take the security of Spectra Scan and its users seriously. We follow industry best practices for responsible disclosure to ensure that vulnerabilities are identified, validated, and patched before they can be exploited.

Reporting Vulnerabilities

If you believe you have discovered a security vulnerability in Spectra Scan, please do not report it publicly via GitHub Issues.

Instead, please send an email to: wanheda.work@gmail.com

What to include in your report:

  • Summary: A concise description of the vulnerability.
  • Description: A detailed explanation of the issue.
  • Impact: What can an attacker do with this?
  • Reproduction Steps: A clear, step-by-step guide to reproduce the issue (including any necessary code snippets or environment details).
  • Environment: OS, Go version, and the version of Spectra Scan you are using.

We will acknowledge receipt of your report within [e.g., 48 hours] and will work with you to understand and mitigate the issue.

Supported Versions

We only provide security updates for the latest stable release of Spectra Scan. If you are using an older version, we strongly recommend upgrading.

Version    Supported
1.0.x      Yes
< 1.0.0    No

Disclosure Policy

  • We prioritize the privacy and security of our users.
  • We request that you give us a reasonable amount of time to investigate and fix the vulnerability before making any details public.
  • We do not have a formal bug bounty program, but we will credit, in our documentation or release notes, security researchers who responsibly report vulnerabilities.

What is NOT a Security Vulnerability?

  • Issues that are already known and documented in the tracker.
  • Feature requests or non-security bugs.
  • Issues related to third-party software or libraries (please report these to the maintainers of the respective projects).

Thank you for helping us keep Spectra Scan secure and reliable.
