| Version | Supported |
|---|---|
| latest | ✅ |
Do NOT open a public GitHub issue for security vulnerabilities.
Use GitHub Security Advisories to report vulnerabilities privately.
- Description of the vulnerability
- Steps to reproduce (proof of concept if possible)
- Affected versions
- Potential impact assessment
- Suggested fix (if any)
| Severity | Initial Response | Fix Target |
|---|---|---|
| Critical | 48 hours | 7 days |
| High | 5 business days | 30 days |
| Medium | 10 business days | 90 days |
| Low | 14 business days | Next release |
- Acknowledgment: We will acknowledge receipt of your report within the timelines above
- Assessment: We will investigate and assess the severity of the vulnerability
- Fix: We will develop and test a fix
- Disclosure: We will coordinate disclosure with you and publish a security advisory
This policy covers the nr_temporal_cache TYPO3 extension code. For vulnerabilities in dependencies or TYPO3 core, please report to the respective upstream projects.
We consider security research conducted in good faith to be authorized. We will not pursue legal action against researchers who follow responsible disclosure practices.