Enterprise PKS Security Disclosure and Release Process
Page last updated:
Warning: VMware Enterprise PKS v1.6 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.
This topic describes the processes for disclosing security issues and releasing related fixes for VMware Enterprise PKS, Kubernetes, Cloud Foundry Container Runtime (CFCR), VMware NSX, and VMware Harbor.
Where applicable, security issues may be coordinated with the responsible disclosure process for the open source security teams in Kubernetes and Cloud Foundry projects.
Pivotal and VMware follow the Kubernetes responsible disclosure process to work within the Kubernetes project to report and address suspected security issues with Kubernetes.
This process is discussed in Kubernetes Security and Disclosure Information.
Pivotal and VMware follow the Cloud Foundry responsible disclosure process to work within the Cloud Foundry Foundation to report and address suspected security issues with CFCR.
This process is discussed in Cloud Foundry Security.
Security issues in VMware NSX are coordinated with the VMware Security Response Center.
Security issues in VMware Harbor are coordinated with the VMware Security Response Center.
Please send any feedback you have to firstname.lastname@example.org.