mirror of
https://github.com/RocketChat/Rocket.Chat.git
synced 2025-12-27 22:40:49 +00:00
44 lines
1.3 KiB
Markdown
44 lines
1.3 KiB
Markdown
You can find our full security documentation in our [handbook](https://handbook.rocket.chat/space/Handbook/74155072/%F0%9F%94%90+Security).
|
|
|
|
---
|
|
|
|
## Supported Versions
|
|
|
|
We currently provide security updates for the latest versions.
|
|
You can find more information about this [here](https://docs.rocket.chat/docs/version-durability).
|
|
|
|
---
|
|
|
|
## Reporting Vulnerabilities
|
|
|
|
If you discover a security vulnerability, please report it by following the instructions below:
|
|
|
|
We accept reports through our **Bug Bounty VDP program** on the **HackerOne** platform, which you can access [here](https://hackerone.com/rocket_chat).
|
|
|
|
Alternatively, you can:
|
|
|
|
- Send an email to [security@rocket.chat](mailto:security@rocket.chat) with details about the vulnerability.
|
|
- Include as much information as possible:
|
|
- Description
|
|
- Affected version
|
|
- Steps to reproduce
|
|
- Identified impact
|
|
- Proof of Concept (PoC)
|
|
|
|
> **Note:** At this time, we do not offer monetary rewards for reported vulnerabilities.
|
|
|
|
---
|
|
|
|
## Disclosure
|
|
|
|
We are committed to:
|
|
|
|
- Responsibly validating and fixing vulnerabilities.
|
|
- Notifying users when a security update is released.
|
|
- Formally acknowledging researchers who help improve Rocket.Chat's security.
|
|
|
|
---
|
|
|
|
## Thank You
|
|
|
|
Thank you for helping us keep this project safe for everyone! |