Skip to content

Latest commit

 

History

History
12 lines (7 loc) · 701 Bytes

SECURITY.md

File metadata and controls

12 lines (7 loc) · 701 Bytes

Security Policy

Reporting a Vulnerability

Security issues relating to Node.js project should follow the process documented on https://nodejs.org/en/security/.

CVEs for the base image packages should be reported to those repositories. Nothing to address those CVEs is in the hands of this repos.

When base images are patched, the images are rebuilt and rolled out to the Docker hub without intervention by this repo. This process is explained in https://github.com/docker-library/faq/#why-does-my-security-scanner-show-that-an-image-has-cves.