Security Policy
Reporting a Vulnerability
If you believe you've found a security vulnerability, please follow these steps:
- Do not disclose the vulnerability publicly until it has been addressed by our team.
- Email your findings to
progressdb@henryasante.comand include:- A description of the vulnerability
- Steps to reproduce the vulnerability
- Potential impact of the vulnerability
- Any suggestions for mitigation
- Any other relevant information
We will respond to your report within 72 hours. If the issue is confirmed, we will release a patch as soon as possible.
Disclosure Policy
If the issue is confirmed, we will release a patch as soon as possible. Once a patch is released, we will disclose the issue publicly. If 90 days have elapsed and we still do not have a fix, we will disclose the issue publicly.
Supported Versions
We only support the latest version of ProgressDB. Older versions are not supported.