PKS Security Disclosure and Release Process
Page last updated:
This topic describes the processes for disclosing security issues and releasing related fixes for Pivotal Container Service (PKS), Kubernetes, Cloud Foundry Container Runtime (CFCR), VMware NSX, and VMware Harbor.
Where applicable, security issues may be coordinated with the responsible disclosure process for the open source security teams in Kubernetes and Cloud Foundry projects.
Pivotal and VMware follow the Kubernetes responsible disclosure process to work within the Kubernetes project to report and address suspected security issues with Kubernetes.
This process is discussed in Kubernetes Security and Disclosure Information.
Pivotal and VMware follow the Cloud Foundry responsible disclosure process to work within the Cloud Foundry Foundation to report and address suspected security issues with CFCR.
This process is discussed in Cloud Foundry Security.
Security issues in VMware NSX are coordinated with the VMware Security Response Center.
Security issues in VMware Harbor are coordinated with the VMware Security Response Center.
Please send any feedback you have to firstname.lastname@example.org.