Security
Kubernetes Security Release Process and Security Committee documentation.
To report a vulnerability, please refer to https://kubernetes.io/security.
Security Response Committee (SRC)
The Security Response Committee (SRC) is responsible for triaging and handling the security issues for Kubernetes. Following are the current Security Response Committee members:
- CJ Cullen (@cjcullen)
<[email protected]>
- Craig Ingram (@cji)
<[email protected]>
- Joel Smith (@joelsmith)
<[email protected]>
[4096R/0x1688ADC79BECDDAF] - Micah Hausler (@micahhausler)
<[email protected]>
- Mo Khan (@enj)
<[email protected]>
- Rita Zhang (@ritazh)
[email protected]
- Sri Saran Balaji (@SaranBalaji90)
<[email protected]>
- Tabitha Sable (@tabbysable)
<[email protected]>
Contacting the SRC
There are a number of contact points for the SRC and release managers in charge of security releases. Please use the correct forum for the best and fastest response.
List or Group | Visibility | Uses |
---|---|---|
[email protected] | Private | Kubernetes security disclosures. This list is closely monitored and triaged by the SRC. See the disclosure guide for full details. |
kubernetes-security-discuss Google Group | Public | Discussion about security disclosure handling, this document, and other updates. |
[email protected] | Private | Release Managers private discussion. All members are subscribed to [email protected]. |
[email protected] | Private | SRC private discussion. All members are subscribed to [email protected] |
Community, discussion, contribution, and support
Learn how to engage with the Kubernetes community on the community page.
Code of conduct
Participation in the Kubernetes community is governed by the Kubernetes Code of Conduct.