Skip to content

Security: christwinn/woocommerce-api-client-java

Security

Report a vulnerability

.github/SECURITY.md

Security Policy

Supported Versions

Version Supported
3.1.x
< 3.1.0

Reporting a Vulnerability

DO NOT create public GitHub issues for security vulnerabilities.

Please report security vulnerabilities to: security@example.com

Include:

  • Description of vulnerability
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if available)

We will respond within 48 hours acknowledging receipt.

Expected timeline:

  • Initial response: 48 hours
  • Vulnerability confirmation: 1 week
  • Fix development: 2-4 weeks
  • Public disclosure: After fix released

Security Update Process

  1. Security team reviews report
  2. Vulnerability confirmed/declined
  3. Fix developed in private fork
  4. Security advisory created
  5. Fix released with CVE assignment
  6. Public disclosure

There aren't any published security advisories