From dccada9a2189bbd899c5c4a18665a92113fe6cd7 Mon Sep 17 00:00:00 2001
From: hackerman <3372410+aeneasr@users.noreply.github.com>
Date: Thu, 23 May 2019 12:11:10 +0200
Subject: [PATCH] docs: Updates issue and pull request templates (#112)

Signed-off-by: aeneasr <aeneas@ory.sh>
---
 SECURITY.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..1ce5ed2bf
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,20 @@
+# Security Policy
+
+## Supported Versions
+
+We release patches for security vulnerabilities.
+Which versions are eligible receiving such patches
+depend on the CVSS v3.0 Rating:
+
+| CVSS v3.0  | Supported Versions                        |
+| ---------- | ----------------------------------------- |
+| 9.0-10.0   | Releases within the previous three months |
+| 4.0-8.9    | Most recent release                       |
+
+## Reporting a Vulnerability
+
+Please report (suspected) security vulnerabilities to
+**[security@ory.sh](mailto:security@ory.sh)**. You will receive
+a response from us within 48 hours. If the issue is confirmed,
+we will release a patch as soon as possible depending on complexity
+but historically within a few days.