Skip to content

Security: IBM-Cloud/infracost

Security

SECURITY.md

Security policy

Reporting a vulnerability

If you believe you have found a security vulnerability within Infracost, please let us know right away. We'll try and fix the problem as soon as possible.

Do not report vulnerabilities using public GitHub issues. Instead, email [email protected] with a detailed account of the issue. Please submit one issue per email, this helps us triage vulnerabilities.

Once we've received your email we'll keep you updated as we fix the vulnerability.

Supported versions

We release patches for security vulnerabilities as soon as they are found and fixed. Please refer to the below table to understand which CLI versions are eligible for security patches.

Version Supported
0.10.x
0.9.x
< 0.9.0

There aren’t any published security advisories