Skip to content

Security: dusklaboratory/vivid-core

Security

SECURITY.md

Security Policy

Supported versions

Only the latest minor release is actively patched.

Reporting vulnerabilities

Report security issues privately to: security@vivid.local

Please avoid public disclosure until a fix is available.

High-risk areas

  • plugin path traversal and import injection,
  • custom repo override validation,
  • manifest parsing and parameter validation.

There aren't any published security advisories