2020-08-27 22:02:11 +00:00
|
|
|
# Reporting a Vulnerability
|
|
|
|
|
|
2020-08-31 21:41:22 +00:00
|
|
|
Pinniped development is sponsored by VMware, and the Pinniped team encourages users
|
|
|
|
|
who become aware of a security vulnerability in Pinniped to report any potential
|
|
|
|
|
vulnerabilities found to security@vmware.com. If possible, please include a description
|
2020-08-27 22:02:11 +00:00
|
|
|
of the effects of the vulnerability, reproduction steps, and a description of in which
|
2020-08-31 21:41:22 +00:00
|
|
|
version of Pinniped or its dependencies the vulnerability was discovered.
|
2020-08-27 22:02:11 +00:00
|
|
|
The use of encrypted email is encouraged. The public PGP key can be found at https://kb.vmware.com/kb/1055.
|
|
|
|
|
|
2020-08-31 21:41:22 +00:00
|
|
|
The Pinniped team hopes that users encountering a new vulnerability will contact
|
|
|
|
|
us privately as it is in the best interests of our users that the Pinniped team has
|
2020-08-27 22:02:11 +00:00
|
|
|
an opportunity to investigate and confirm a suspected vulnerability before it becomes public knowledge.
|
