Skip to content

Security: Choochmeque/Axis

.github/SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in Axis, please report it responsibly.

Do not open a public issue for security vulnerabilities.

Instead, please email security concerns to: security@axis-git.app (or open a private security advisory on GitHub)

What to include

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if any)

Response timeline

  • Acknowledgment: Within 48 hours
  • Initial assessment: Within 7 days
  • Fix timeline: Depends on severity, typically 30-90 days

Scope

This policy applies to:

  • The Axis desktop application
  • Official builds from GitHub Releases
  • The project's GitHub repository

Out of scope

  • Third-party dependencies (report to upstream maintainers)
  • Self-compiled or modified versions
  • Social engineering attacks

Supported Versions

Version Supported
Latest Yes
Nightly Best effort
Older No

Security Best Practices

When using Axis:

  • Download only from official GitHub Releases
  • Keep the application updated
  • Review repository permissions before granting access

There aren't any published security advisories