Mutillidae-Docker is a project that helps deploy and manage the Mutillidae cybersecurity training platform using Docker. Below is our security policy to ensure that any issues are handled promptly and transparently.
If you discover a security vulnerability in Mutillidae-Docker, please follow these steps:
- Open an Issue:
- Go to the Issues section of the Mutillidae-Docker repository.
- Create a new issue with:
- A detailed description of the vulnerability.
- Steps to reproduce the issue.
- The potential impact or risk of the vulnerability.
Since this project is primarily used to deploy the Mutillidae platform, please keep in mind:
-
Intentional Vulnerabilities in Mutillidae:
- Mutillidae is a deliberately vulnerable application meant for cybersecurity training.
- If the reported issue pertains to vulnerabilities within the Mutillidae platform itself, it may not be treated as a security issue unless it affects the deployment process or the Docker configuration.
-
Mutillidae-Docker Configuration:
- Vulnerabilities related to the Docker setup, image security, exposed ports, or misconfigurations will be treated as valid security concerns.
We encourage responsible disclosure and appreciate contributions from the security community. All reported issues will be evaluated promptly, and necessary actions will be taken to address confirmed vulnerabilities.
Thank you for helping us ensure the security of Mutillidae-Docker.