Skip to content

Security

We take security seriously and use various measures to ensure the safety of our products. Our security policies include:

  • Regular vulnerability scanning using industry-standard tools.
  • We treat vulnerabilities reports as our priority. This means that we attempt to fix them as quickly as possible, therefore, we will release a hotfix for any major security vulnerability found in the most recent version of our SDK/server.
  • We only use reputable 3rd party libraries and update them regularly

Reporting a Vulnerability

If you discover a security vulnerability, please report it to us by submitting a request in our Service Desk Portal. Include the details of the vulnerability, affected versions, and any known mitigations.

Vulnerability Scanning

We run vulnerability scans periodically on all components of our product, including:

  • C++ SDK
  • Python SDK
  • Java Wrapper
  • API Server

We use both open-source and proprietary vulnerability scanners such as Trivy and Veracode.

CVE History

Below is a table of the latest CVEs we have fixed:

CVE Priority Type Fixed Version
CVE-2024-7254 High Java 2.5.0
CVE-2024-38816 High Java 2.5.0
CVE-2024-38809 Medium Java 2.5.0
CVE-2024-34750 High Java 2.4.2
CVE-2023-6597 Medium System 2.4.2
CVE-2024-0450 Medium System 2.4.2
CVE-2024-30172 Medium Java 2.4.1
CVE-2024-29857 Medium Java 2.4.1
CVE-2024-30171 Medium Java 2.4.1
CVE-2023-52428 Java 2.4.0
CVE-2023-33201 Medium Java 2.4.0
CVE-2023-33202 Medium Java 2.4.0
CVE-2024-34447 Java 2.4.0
CVE-2023-44487 High System 2.2.2

Non-fixable CVEs

In this section, we list the CVEs that are currently classified as non-fixable. These vulnerabilities have been thoroughly assessed, and due to various constraints, have not been resolved.

We continuously monitor these CVEs and work towards finding feasible solutions. Only medium-priority CVEs are included in this table, as they represent a balanced risk that requires attention but does not pose an immediate critical threat.

CVE Priority Type Description
CVE-2024-26462 Medium System https://ubuntu.com/security/CVE-2024-26462
CVE-2024-2236 Medium System https://ubuntu.com/security/CVE-2024-2236
CVE-2024-35325 Medium System https://ubuntu.com/security/CVE-2024-35325