Hiverra Portal is designed for local file transfer, so security issues can affect file integrity, local network safety, and user trust.
Please report security concerns privately first.
Use GitHub security advisories if available, or contact the maintainer directly through the repository owner profile.
Do not open a public issue for vulnerabilities involving:
- unauthorized file access
- path traversal
- unsafe archive extraction
- sender or receiver identity bypass
- unintended network exposure
- remote code execution
- credential or token leakage
Security reports should include:
- affected version or commit
- operating system
- reproduction steps
- expected behavior
- actual behavior
- potential impact
- relevant logs, screenshots, or proof of concept details
Please give the maintainer time to investigate and prepare a fix before public disclosure.
Reports will be handled privately where possible, and public disclosure should be coordinated after a fix or mitigation is available.
Security fixes target the latest released version unless otherwise stated.