At Dokploy, security is a top priority. We appreciate the help of security researchers and the community in identifying and reporting vulnerabilities.
If you have discovered a security vulnerability in Dokploy, we ask that you report it responsibly by following these guidelines:
- Contact us: Send an email to [email protected].
- Provide clear details: Include as much information as possible to help us understand and reproduce the vulnerability. This should include:
- A clear description of the vulnerability.
- Steps to reproduce the vulnerability.
- Any sample code, screenshots, or videos that might be helpful.
- The potential impact of the vulnerability.
- Do not make the vulnerability public: Please refrain from publicly disclosing the vulnerability until we have had the opportunity to investigate and address it. This is crucial for protecting our users.
- Allow us time: We will endeavor to acknowledge receipt of your report as soon as possible and keep you informed of our progress. The time to resolve the vulnerability may vary depending on its complexity and severity.
- Do not access user data or systems beyond what is necessary to demonstrate the vulnerability.
- Do not perform denial-of-service (DoS) attacks, spamming, or social engineering.
- Do not modify or destroy data that does not belong to you.
We are committed to working with you quickly and responsibly to address any legitimate security vulnerability.
Thank you for helping us keep Dokploy secure for everyone.