The development branch and non-obsolete production branches listed in README.md are supported with security updates.
Issues only in feature testing (non-production) branches should be reported via the GitHub issue tracker.
Please report suspected security vulnerabilities to the contacts below. We will aim to acknowledge your email within 48 hours but could be longer (holidays etc...)
- Gary Allan (maintainer) github@gallan.co.uk
- Miha Petkovsek (owner) miha.petkovsek@gmail.com
CVE numbers will not be provided by the phpIPAM project due to lack of resources to manage their lifecycle. If you require a CVE number please obtain prior to reporting a vulnerability and include with your submission.
Issues that are the responsibility of end-users such as use of weak passwords or choice to deploy with HTTP vs HTTPS will be rejected.