Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: update security information #157

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore: update security information #157

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 5 additions & 10 deletions SECURITY.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,19 +2,15 @@

### Standard Priority Bug

For a bug that is non-sensitive and/or operational in nature rather than a critical vulnerability, please add it as a
GitHub issue.
For a bug that is non-sensitive and/or operational in nature rather than a critical vulnerability, please add it as a GitHub issue.

### Critical bug or security issue

Please report critical security vulnerabilities to
**[security@injectivelabs.org](mailto:security@injectivelabs.org)**. *Please avoid opening a public issue on the
**[security@injective.foundation](mailto:security@injective.foundation)**. *Please avoid opening a public issue on the
repository for critical security issues.*

The Injective Labs team will send a response indicating the next steps in handling your
report. After the initial reply to your report, the team will keep you informed
of the progress towards remediation and may ask for additional
information or guidance.
The Injective Foundation team will send a response indicating the next steps in handling your report. After the initial reply to your report, the team will keep you informed of the progress towards remediation and may ask for additional information or guidance.

In addition, please include the following information along with your report:

Expand All @@ -26,12 +22,11 @@ In addition, please include the following information along with your report:
- Whether this vulnerability is public or known to third parties. If it is, please provide details.

If you believe that an existing (public) issue is a critical-security-related issue, please email *
*[security@injectivelabs.org](mailto:security@injectivelabs.org)**. The email should include the issue ID and
*[security@injective.foundation](mailto:security@injective.foundation)**. The email should include the issue ID and
a short description of why it should be handled according to this critical security
policy.

If you have found an issue with the Cosmos SDK or Tendermint modules not found in this repo you can report them through
links found here. https://tendermint.com/security/
If you have found an issue with the Cosmos SDK or CometBFT, please report them on [HackerOne](https://hackerone.com/cosmos)

Alternately you can also notify us of a security issue through, [Discord](https://discord.gg/injective) or Telegram, and
alert the core engineers:
Expand Down