jiazhizhong/higress
1
0
Fork 0
mirror of https://github.com/alibaba/higress.git synced 2026-05-10 05:47:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

docs: add ASRC as supplementary vulnerability reporting channel in SECURITY.md

Browse Source 
Change-Id: I52297cb7169a9997be08e8d4c69db599113d960a
Co-developed-by: Kiro <noreply@kiro.dev>
Signed-off-by: EndlessSeeker <1766508902@qq.com>
This commit is contained in:
EndlessSeeker
2026-04-28 16:24:10 +08:00
parent 3e84ff3537
commit 5b64f2112d
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
SECURITY.md
View File

@@ -17,12 +17,18 @@ your contributions.
**Please do NOT report security vulnerabilities through public GitHub issues,
discussions, or pull requests.**
Instead, please report them through one of the following private channels:
Instead, please report them through one of the following private channels
(choose either one):
- **GitHub Private Security Advisory**:
<https://github.com/higress-group/higress/security/advisories/new>
- **Email**: [higress@googlegroups.com](mailto:higress@googlegroups.com)
In addition, we recommend also reporting the vulnerability to the
[Alibaba Security Response Center (ASRC)](https://security.alibaba.com/),
as Higress is widely deployed on Alibaba Cloud infrastructure. Reporting to
ASRC helps ensure timely patching for cloud-hosted deployments.
Please include as much of the following information as possible to help us
triage and address the issue: