Managing Security Issues

if critical security issues are found, security advisories are used to manage the issue and communications around it the following security advisory template is used to track the security issue title/name/description package/code name affected versions patched versions severity is defined as the following low (1 3) moderate (4 6) high (7 8) critical (9 10) this severity level will be determined using the industry standard common vulnerability scoring system (cvss) v3 1 a write up on the issue that can be sent out using the following template \### impact what kind of vulnerability is it? who is impacted? \### patches has the problem been patched? what versions should users upgrade to? \### workarounds is there a way for users to fix or remediate the vulnerability without upgrading? \### references are there any links users can visit to find out more? \### for more information if you have any questions or comments about this advisory email us at \[versafile support] (mailto\ support\@versafile com)