| Version | Supported |
|---|---|
| 2.x | ✅ |
| 1.x | ❌ |
If you discover a security vulnerability in KSCrash, please report it responsibly.
Do not open a public GitHub issue for security vulnerabilities.
Instead, please use GitHub's private vulnerability reporting feature:
- Go to the Security tab of this repository
- Click "Report a vulnerability"
- Fill out the form with details about the vulnerability
- A description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any suggested fixes or mitigations (if known)
- Initial response: Within 72 hours
- Status update: Within 7 days
- Fix timeline: Depends on severity, typically within 30-90 days
We follow responsible disclosure practices. Once a fix is available, we will:
- Release a patched version
- Publish a security advisory
- Credit the reporter (unless they prefer to remain anonymous)
When using KSCrash in your application:
- Always use the latest stable version
- Review crash reports before transmitting them, as they may contain sensitive information
- Use HTTPS endpoints for crash report submission
- Consider the privacy implications of the data collected in crash reports