The Cloud Solutions team takes the security of our software and services seriously. To ensure a safe and secure experience for all users, we have outlined clear guidelines for identifying, reporting, and addressing security vulnerabilities.
Important
If you discover a security vulnerability in any repository owned by Cloud Solutions, we strongly encourage you to report it to us immediately by sending an email to security@thecloudsolutions.com
- Please do not report security vulnerabilities through public GitHub issues.
- Please do not publicly disclose the issue until we have addressed it.
- Please do not send the report to any other email, different from the above.
Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
- Description of the vulnerability
- Impact of the issue, including how an attacker might exploit the issue
- Full paths of source file(s) related to the manifestation of the issue
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Any supporting files, such as screenshots, logs, or proof-of-concept code, to help us reproduce and resolve the issue efficiently.
This information will help us triage your report more quickly.
- After you submit a report, you should receive a response within 48 hours. If for some reason you do not, please follow up via email to ensure we received your original message.
- We will provide an estimated time frame for addressing the vulnerability.
- We will notify you when the issue is resolved.
Note
We will investigate all legitimate reports and do our best to provide a resolution promptly. Thank you for helping keep the Cloud Solutions community safe and secure. π€
Cloud Solutions primarily supports the latest major version of each project to ensure the highest levels of performance and security.
Warning
While we strongly encourage users to stay up-to-date, critical security patches may, at our discretion, be applied to older versions if deemed necessary.
To help maintain security when using our software or services:
- Keep your dependencies and services up to date.
- Follow the principle of least privilege when managing AWS resources.
- Use secure credentials and rotate them regularly.
- Subscribe to security advisories or release updates to stay informed about critical patches.
Caution
Cloud Solutions does not provide bug bounties for vulnerability disclosures.
As an open-source company, we release our projects for free under a permissive license, encouraging community contributions. We value all contributions equally and therefore donβt compensate specific ones, including those by security researchers. This approach ensures fairness across our open-source community. Thank you for your understanding.
We prefer all communications to be in English.
Tip
If you cannot report an issue in English, please submit it in your preferred language, and we will do our best to accommodate.
Your contributions, ideas, and feedback are invaluable in building great projects together. You can help improve the project by:
- Answering questions in discussions or forums.
- Sharing solutions to common problems.
- Contributing to documentation updates.
Note
We would be thrilled to have you as part of the Cloud Solutions community!
The future of Open Source relies on you!
Important
This SECURITY guide is inspired by best practices and tailored for the Cloud Solutions community.
Copyright Β© 2020-2025 Cloud Solutions. All rights reserved.