STM32CubeF3/SECURITY.md

32 lines
1.7 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Report potential product security vulnerabilities
ST places a high priority on security, and our Product Security Incident
Response Team (PSIRT) is committed to rapidly addressing potential security
vulnerabilities affecting our products. PSIRT's long history and vast experience
in security allows ST to perform clear analyses and provide appropriate guidance
on mitigations and solutions when applicable.
If you wish to report potential security vulnerabilities regarding our products,
**please do not report them through public GitHub issues.** Instead, we
encourage you to report them to our ST PSIRT following the process described at:
**https://www.st.com/content/st_com/en/security/report-vulnerabilities.html**
### IMPORTANT - READ CAREFULLY:
STMicroelectronics International N.V., on behalf of itself, its affiliates and
subsidiaries, (collectively “ST”) takes all potential security vulnerability
reports or other related communications (“Report(s)”) seriously. In order to
review Your Report (the terms “You” and “Yours” include your employer, and all
affiliates, subsidiaries and related persons or entities) and take actions as
deemed appropriate, ST requires that we have the rights and Your permission to
do so.
As such, by submitting Your Report to ST, You agree that You have the right to
do so, and You grant to ST the rights to use the Report for purposes related to
security vulnerability analysis, testing, correction, patching, reporting and
any other related purpose or function.
By submitting Your Report, You agree that STs
[Privacy Policy](https://www.st.com/content/st_com/en/common/privacy-portal.html)
applies to all related communications.