From c9709db61d4a4d2578e8f06246f94bd244bdd531 Mon Sep 17 00:00:00 2001
From: Tobias <22522058+sirkrypt0@users.noreply.github.com>
Date: Thu, 8 Jul 2021 08:51:55 +0200
Subject: [PATCH] Create SECURITY.md

---
 SECURITY.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..2cd4d837
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,14 @@
+# Security Policy
+
+## Supported Versions
+
+To receive fixes for security vulnerabilities it is required to always upgrade to the latest version of CodeOcean. 
+See https://github.com/openHPI/codeocean/tree/master for the latest version.
+
+## Reporting a Vulnerability
+
+If you have found a vulnerability or you are uncertain whether what you have discovered is a vulnerability,
+please send an email to sebastian.serth@hpi.de ([GPG Key](https://github.com/mrserth.gpg)).
+
+If you have a patch for the issue please use `git format-patch` and attach it to the email. Please do not open an issue or 
+pull request on GitHub as that may disclose sensitive details around the vulnerability.