We understand that many users place a high level of trust in Vector to collect and ship mission critical data. The security of Vector is a top priority. That's why we apply widely accepted best practices when it comes to security.
We deeply appreciate any effort to discover and disclose security vulnerabilities responsibly.
If you would like to report a vulnerability, or have any security concerns with Vector, please e-mail [email protected].
For non-critical matters, we prefer users open an issue. In order for us to best investigate your request, please include any of the following when reporting:
- Proof of concept
- Any tools, including versions used
- Any relevant output
We take all disclosures very seriously and will do our best to rapidly respond and verify the vulnerability before taking the necessary steps to fix it. After our initial reply to your disclosure, which should be directly after receiving it, we will periodically update you with the status of the fix.