Skip to content

Security: mindsdb/mindsdb

SECURITY.md

MindsDB Security Policy

At MindsDB, we consider the security of our systems a top priority. However, no matter how much effort we put into system security, there can still be vulnerabilities present. Supported Versions

MindsDB only offers security patches for the following versions

Version Supported
>=23.6.1.1

Reporting a Vulnerability

If you discover a security vulnerability, we appreciate your efforts to responsibly disclose your findings by sending an email to [email protected], providing as much detail as you can. Please do not publicly disclose these details without express consent from us.

Upon receiving your email, our security team will assess and respond to your report. We strive to keep all communication channels open with you to address your report effectively. Disclosure Policy

Once we have received and evaluated your vulnerability report, MindsDB commits to:

  • Confirm the receipt of your report
  • Assess the vulnerability report to confirm its validity
  • Work on a fix and update the impacted versions
  • Publicly disclose the vulnerability after it has been addressed, giving credit to the reporter if they wish

Comments on this Policy

If you have any suggestions to improve this policy, please let us know. We are committed to ensuring that our policy works effectively for everyone involved.

Thank you for helping to make MindsDB safer for everyone.

Learn more about advisories related to mindsdb/mindsdb in the GitHub Advisory Database