If you believe you have found a security vulnerability in GVM, please report it responsibly.
Do not open a public GitHub issue for security-sensitive bugs. Public issues are visible to everyone and could put users at risk.
Preferred options:
-
Private security advisory (recommended)
Open a private security advisory on this repository. This allows the maintainers to discuss and fix the issue in private and coordinate disclosure. -
Contact the maintainer
You can contact the current maintainer imansprn via GitHub (e.g. DM or “Report abuse” if applicable) to report the issue privately.
Please include:
- A short description of the vulnerability
- Steps to reproduce (if possible)
- Impact (e.g. what an attacker could do)
- Any suggested fix or mitigation (optional)
We will do our best to respond in a timely manner and will work with you to understand and address the issue before any public disclosure.
Security updates are provided for the current stable release. We encourage users to run the latest release when possible.
| Version | Supported |
|---|---|
| 2.0.x | Yes |
| 1.0.x | Best effort only |
| < 1.0 | No |
Thank you for helping keep GVM and its users safe.