Pickles values the work done by security researchers in improving the security of our products and service offerings. We are committed to working with this community to verify, reproduce, and respond to legitimate reported vulnerabilities. We encourage the community to participate in our responsible reporting process.
If issues reported affect a third-party library, external project, or another vendor, Pickles reserves the right to forward details of the issue to that party without further discussion with the researcher. We will do our best to coordinate and communicate with researchers through this process.
Responsible Disclosure Guidelines
We will investigate legitimate reports and make every effort to quickly correct any vulnerability. To encourage responsible reporting, we will not take legal action against you nor ask law enforcement to investigate you provided you comply with the following Responsible Disclosure:
• Provide details of the vulnerability, including information needed to reproduce and validate the vulnerability and a Proof of Concept (POC).
• Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our services.
• Do not modify or access data that does not belong to you.
• Give Pickles a reasonable time to correct the issue before making any information public.
Contacting us regarding Security concerns
Email is the best method to reach out to Pickles about security concerns. Please email firstname.lastname@example.org.