File: SECURITY.md

package info (click to toggle)
node-dompurify 3.3.3%2Bdfsg-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 1,956 kB
  • sloc: javascript: 11,284; sh: 2; makefile: 2
file content (9 lines) | stat: -rw-r--r-- 626 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
 
## Supported Versions

Always the latest release.

## Reporting a Vulnerability

First of all, please immediately contact us via [email](mailto:mario@cure53.de) so we can work on a fix. [PGP key](https://keyserver.ubuntu.com/pks/lookup?op=vindex&search=0xC26C858090F70ADA)

Also, you probably qualify for a bug bounty! The fine folks over at [Fastmail](https://www.fastmail.com/) use DOMPurify for their services and added our library to their bug bounty scope. So, if you find a way to bypass or weaken DOMPurify, please also have a look at their website and the [bug bounty info](https://www.fastmail.com/about/bugbounty/).