Reporting a Vulnerability ΒΆ

Kubeapps development is sponsored by VMware and the Kubeapps team encourages users who become aware of a security vulnerability in Kubeapps to report any potential vulnerabilities found to security@vmware.com . If possible, please include a description of the effects of the vulnerability, reproduction steps and a description of in which version of Kubeapps or its dependencies the vulnerability was discovered.

The use of encrypted email is encouraged. The public PGP key can be found at https://kb.vmware.com/kb/1055 .

The Kubeapps team hopes that users encountering a new vulnerability will contact us privately as it is in the best interests of our users that the Kubeapps team has an opportunity to investigate and confirm a suspected vulnerability before it becomes public knowledge.

In the case of vulnerabilities found in third-party software components used in Kubeapps, please also notify VMware as described above.

Getting started

Discover how to deploy Kubeapps in your cluster, add some package repositories and start managing your applications!