We actively support the latest release of each Cartograph project. If you find a vulnerability in an older version, please check whether it still exists in the latest release before reporting.
If you discover a security vulnerability in any repository under the cartographgg
organisation, please report it responsibly. Do not open a public issue.
You have two options:
- Email (preferred): Send details to security@cartograph.gg
- GitHub: Use GitHub's private vulnerability reporting on the affected repository
- A description of the vulnerability
- Steps to reproduce it
- The affected repository and version (if known)
- We will acknowledge your report as soon as we can
- We will work with you to understand and resolve the issue
- We ask that you do not disclose the vulnerability publicly until a fix is available
Thank you for helping keep Cartograph and its community safe.