diff options
| author | Yukihiro "Matz" Matsumoto <[email protected]> | 2021-10-01 19:13:07 +0900 |
|---|---|---|
| committer | Yukihiro "Matz" Matsumoto <[email protected]> | 2021-10-01 19:13:07 +0900 |
| commit | 4e504eaca13ec6b24de0e10068afc43f0bee39d5 (patch) | |
| tree | 658ca2596804c8a9f8614197435d8bbefeef7b44 | |
| parent | d96f53f8f8b0a2f8a22eb821ded108c0f20e1487 (diff) | |
| download | mruby-4e504eaca13ec6b24de0e10068afc43f0bee39d5.tar.gz mruby-4e504eaca13ec6b24de0e10068afc43f0bee39d5.zip | |
SECURITY.md: add scope description.
| -rw-r--r-- | SECURITY.md | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/SECURITY.md b/SECURITY.md index 03e436819..2f0ae5b28 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -3,3 +3,16 @@ ## Reporting a Vulnerability If you have any security concern, contact <[email protected]>. + +## Scope + +We consider following issues as vulnerabilities: + +* Remote code execution +* Crash caused by a valid Ruby script + +We *don't* consider following issues as vulnerabilities: + +* Runtime C undefined behavior (including integer overflow) +* Crash caused by misused API +* Crash caused by tweaked compiled binary |