Enterprise PKS Security Disclosure and Release Process

Page last updated:

This topic describes the processes for disclosing security issues and releasing related fixes for VMware Enterprise PKS, Kubernetes, VMware NSX, and VMware Harbor.

Security Issues in Enterprise PKS

VMware provides security coverage for Enterprise PKS. Please report any vulnerabilities directly to the VMware Security Response Center.

Security fixes are provided in accordance with the Ops Manager Security Overview and Policy.

Where applicable, security issues may be coordinated with the responsible disclosure process for the open source security teams in Kubernetes and Cloud Foundry projects.

Security Issues in Kubernetes

VMware follows the Kubernetes responsible disclosure process to work within the Kubernetes project to report and address suspected security issues with Kubernetes.

This process is discussed in Kubernetes Security and Disclosure Information.

When the Kubernetes project releases security fixes, Enterprise PKS releases fixes according to the Ops Manager Security Overview and Policy.

Security Issues from CFF

VMware follows the Cloud Foundry Foundation (CFF) responsible disclosure process to report and address suspected security issues.

This process is discussed in Cloud Foundry Security.

When the Cloud Foundry Foundation releases security fixes, Enterprise PKS releases fixes according to the Ops Manager Security Overview and Policy.

Security Issues in VMware NSX

Security issues in VMware NSX are coordinated with the VMware Security Response Center.

Security Issues in VMware Harbor

Security issues in VMware Harbor are coordinated with the VMware Security Response Center.


Please send any feedback you have to pks-feedback@pivotal.io.