Skip to content
This repository has been archived by the owner on Nov 9, 2021. It is now read-only.

Latest commit

 

History

History
12 lines (7 loc) · 710 Bytes

SECURITY.md

File metadata and controls

12 lines (7 loc) · 710 Bytes

Security Policy

Reporting a Vulnerability

Security issues relating to Node.js project should follow the process documented on https://nodejs.org/en/security/.

CVEs for the base image packages should be reported to those repositories. Nothing to address those CVEs is in the hands of this repos.

When base images are patched, the images are rebuilt and rolled out to the Docker hub without intervention by this repo. This process is explained in https://github.com/docker-library/faq/#why-does-my-security-scanner-show-that-an-image-has-cves.