Skip to content

Security: OpenNMT/CTranslate2

Security

SECURITY.md

Security Policy

Supported Versions

Security fixes are provided for the latest release series only.

Reporting a Vulnerability

Do not open public issues for security vulnerabilities.

Please report security vulnerabilities privately to Jordi Mas jmas@softcatala.org.

What to Include in Your Report

To help us triage effectively, please include:

  • Severity assessment: Critical / High / Medium / Low, with a short justification.
  • Impact: what an attacker can achieve (RCE, information disclosure, DoS, etc.).
  • Reproduction steps with enough detail for maintainers to understand and validate the issue.

Response SLA

  • We aim to acknowledge new reports within 2 weeks of submission.
  • We aim to provide a fix or mitigation within 90 days of acknowledgement.

There aren't any published security advisories