docs/modules/ROOT/pages/about/vulnerability_reporting.adoc
= Vulnerability Reporting
To report a vulnerability, please report it on GitHub directly.
You can follow the procedure described https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability[here]:
. Navigate to the https://github.com/k8up-io/k8up/security[security tab] on the repository
. Click on 'Advisories'
. Click on 'Report a vulnerability'
. Detail the issue
The reporter(s) can typically expect a response within 24 hours acknowledging the issue was received.
If a response is not received within 24 hours, please reach out to any https://github.com/orgs/k8up-io/teams/maintainer/members[maintainer] directly to confirm receipt of the issue.