(window.webpackJsonp=window.webpackJsonp||[]).push([[47],{105:function(e,t,n){"use strict";n.r(t),n.d(t,"frontMatter",(function(){returna})),n.d(t,"metadata",(function(){returns})),n.d(t,"rightToc",(function(){returnc})),n.d(t,"default",(function(){returnl}));varr=n(2),i=n(6),o=(n(0),n(116)),a={id:"security",title:"Security"},s={unversionedId:"community/security",id:"version-6.1.x/community/security",isDocsHomePage:!1,title:"Security",description:"OAuth2 Proxy is a community project.",source:"@site/versioned_docs/version-6.1.x/community/security.md",slug:"/community/security",permalink:"/oauth2-proxy/docs/6.1.x/community/security",editUrl:"https://github.com/oauth2-proxy/oauth2-proxy/edit/master/docs/versioned_docs/version-6.1.x/community/security.md",version:"6.1.x",sidebar:"version-6.1.x/docs",previous:{title:"Request Signatures",permalink:"/oauth2-proxy/docs/6.1.x/features/request_signatures"}},c=[{value:"Security Disclosures",id:"security-disclosures",children:[{value:"How will we respond to disclosures?",id:"how-will-we-respond-to-disclosures",children:[]}]}],u={rightToc:c};functionl(e){vart=e.components,n=Object(i.a)(e,["components"]);returnObject(o.b)("wrapper",Object(r.a)({},u,n,{components:t,mdxType:"MDXLayout"}),Object(o.b)("div",{className:"admonition admonition-note alert alert--secondary"},Object(o.b)("div",Object(r.a)({parentName:"div"},{className:"admonition-heading"}),Object(o.b)("h5",{parentName:"div"},Object(o.b)("span",Object(r.a)({parentName:"h5"},{className:"admonition-icon"}),Object(o.b)("svg",Object(r.a)({parentName:"span"},{xmlns:"http://www.w3.org/2000/svg",width:"14",height:"16",viewBox:"0 0 14 16"}),Object(o.b)("path",Object(r.a)({parentName:"svg"},{fillRule:"evenodd",d:"M6.3 5.69a.942.942 0 0 1-.28-.7c0-.28.09-.52.28-.7.19-.18.42-.28.7-.28.28 0 .52.09.7.28.18.19.28.42.28.7 0 .28-.09.52-.28.7a1 1 0 0 1-.7.3c-.28 0-.52-.11-.7-.3zM8 7.99c-.02-.25-.11-.48-.31-.69-.2-.19-.42-.3-.69-.31H6c-.27.02-.48.13-.69.31-.2.2-.3.44-.31.69h1v3c.02.27.11.5.31.69.2.2.42.31.69.31h1c.27 0 .48-.11.69-.31.2-.19.3-.42.31-.69H8V7.98v.01zM7 2.3c-3.14 0-5.7 2.54-5.7 5.68 0 3.14 2.56 5.7 5.7 5.7s5.7-2.55 5.7-5.7c0-3.15-2.56-5.69-5.7-5.69v.01zM7 .98c3.86 0 7 3.14 7 7s-3.14 7-7 7-7-3.12-7-7 3.14-7 7-7z"})))),"note")),Object(o.b)("div",Object(r.a)({parentName:"div"},{className:"admonition-content"}),Object(o.b)("p",{parentName:"div"},"OAuth2 Proxy is a community project.\nMaintainers do not work on this project full time, and as such,\nwhile we endeavour to respond to disclosures as quickly as possible,\nthis may take longer than in projects with corporate sponsorship."))),Object(o.b)("h2",{id:"security-disclosures"},"Security Disclosures"),Object(o.b)("div",{className:"admonition admonition-important alert alert--info"},Object(o.b)("div",Object(r.a)({parentName:"div"},{className:"admonition-heading"}),Object(o.b)("h5",{parentName:"div"},Object(o.b)("span",Object(r.a)({parentName:"h5"},{className:"admonition-icon"}),Object(o.b)("svg",Object(r.a)({parentName:"span"},{xmlns:"http://www.w3.org/2000/svg",width:"14",height:"16",viewBox:"0 0 14 16"}),Object(o.b)("path",Object(r.a)({parentName:"svg"},{fillRule:"evenodd",d:"M7 2.3c3.14 0 5.7 2.56 5.7 5.7s-2.56 5.7-5.7 5.7A5.71 5.71 0 0 1 1.3 8c0-3.14 2.56-5.7 5.7-5.7zM7 1C3.14 1 0 4.14 0 8s3.14 7 7 7 7-3.14 7-7-3.14-7-7-7zm1 3H6v5h2V4zm0 6H6v2h2v-2z"})))),"important")),Object(o.b)("div",Object(r.a)({parentName:"div"},{className:"admonition-content"}),Object(o.b)("p",{parentName:"div"},"If you believe you have found a vulnerability within OAuth2 Proxy or any of its\ndependencies, please do NOT open an issue or PR on GitHub, please do NOT post any\ndetails publicly."))),Object(o.b)("p",null,"Security disclosures MUST be done in private.\nIf you have found an issue that you would like to bring to the attention of the\nmaintenance team for OAuth2 Proxy, please compose an email and send it to the\nlist of maintainers in our ",Object(o.b)("a",Object(r.a)({parentName:"p"},{href:"https://github.com/oauth2-proxy/oauth2-proxy/blob/master/MAINTAINERS"}),"MAINTAINERS")," file."),Object
