Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Security Policy

Supported Versions

The following versions of Varta are currently being supported with security updates.

VersionSupported
v0.2.x:white_check_mark:
< v0.2:x:

Reporting a Vulnerability

Varta is designed for high-assurance and safety-critical health monitoring. Security and protocol integrity are our highest priorities.

If you discover a security vulnerability or a protocol-level defect that could compromise system safety, please do not report it via a public issue.

Please use the GitHub Private Vulnerability Reporting feature. This allows you to securely disclose the vulnerability to the maintainers without making it public.

What to include

When reporting, please provide:

  1. A descriptive title.
  2. The specific crate and version affected.
  3. A clear description of the vulnerability or safety concern.
  4. Steps to reproduce (including hardware/OS context if relevant).
  5. A proof-of-concept if available.

Our Commitment

We will:

  • Acknowledge your report within 48 hours.
  • Provide a timeline for a fix and keep you updated.
  • Give credit (if desired) in the eventual security advisory.