If you discover a security vulnerability in Thunder Dome, please report it responsibly.
Do NOT open a public GitHub issue for security vulnerabilities.
Instead, email: orelohayon2468@gmail.com
Include:
- Description of the vulnerability
- Steps to reproduce
- Impact assessment
- Suggested fix (if any)
You will receive a response within 48 hours. We will work with you to understand and address the issue before any public disclosure.
| Version | Supported |
|---|---|
| 0.4.x | Yes |
| 0.3.x | No (end of life) |
| 0.2.x | No (end of life) |
| 0.1.x | No (end of life) |
Thunder Dome is a security gateway. The following are in scope:
- Bypass of policy enforcement
- Injection patterns that evade detection
- Schema pinning circumvention
- Authentication bypass
- Audit log tampering
- Rate limit bypass