Skip to content

Security: grisp/cryptoauthlib

Security

SECURITY.md

Security Policy

We take the security of cryptoauthlib very seriously. Please submit security vulnerabilities to the Microchip Product Security Incident Response Team (PSIRT) which is responsible for receiving and responding to reports of potential security vulnerabilities in our products, as well as in any related hardware, software, firmware, and tools. Please see below for instructions on how to submit your report.

Supported Versions

The previous API version is maintained for a year after a new version is released.

Version Supported Notes
3.3.x ✔️
3.2.x ✔️ Security updates until January 2022
< 3.2

Reporting a Vulnerability

How to Report Potential Product Security Vulnerabilities

Once a report is received, the PSIRT will take the necessary steps to review the issue and determine what actions might be required to address any potential impacts to our products. Microchip PSIRT follows a coordinated vulnerability responsible disclosure policy that is available for review.

Please use the above instructions to securely submit your findings - We ask that you refrain from reporting vulnerabilties through the public github issues system.

There aren’t any published security advisories