Skip to content

Security: dskt-cc/bugs

Security

docs/SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in dskt.cc or it's related services, please:

  1. DO NOT create a public issue
  2. Email security@dskt.cc with:
    • Subject line: "SECURITY: Brief description"
    • Detailed description of the vulnerability
    • Steps to reproduce
    • Potential impact
    • Your contact information

Response Timeline

  • Initial Response: Within 24 hours
  • Status Update: Within 72 hours
  • Resolution Timeline: Case-by-case basis

Disclosure Policy

  • We follow responsible disclosure practices
  • Public disclosure only after patch is available
  • Credit will be given to the reporter
  • CVE IDs will be requested when applicable

Scope

In scope:

  • dskt.cc website
  • api.dskt.cc
  • Desktop Mate mod loader

Out of scope:

  • Third-party mods
  • User configurations

There aren’t any published security advisories