Skip to content

Security

We take security seriously and use various measures to ensure the safety of our products. Our security policies include:

  • Regular vulnerability scanning using industry-standard tools.
  • We treat vulnerabilities reports as our priority. This means that we attempt to fix them as quickly as possible, therefore, we will release a hotfix for any major security vulnerability found in the most recent version of our SDK/server.
  • We only use reputable 3rd party libraries and update them regularly

Reporting a Vulnerability

If you discover a security vulnerability, please report it to us by submitting a request in our Service Desk Portal. Include the details of the vulnerability, affected versions, and any known mitigations.

Vulnerability Scanning

We run vulnerability scans periodically on all components of our product, including:

  • C++ SDK
  • Python SDK
  • Java Wrapper
  • API Server

We use both open-source and proprietary vulnerability scanners such as Trivy and Veracode.

CVE History

Below is a table of the latest CVEs we have fixed:

CVE Priority Type Fixed Version
CVE-2025-24813 Critical System 1.49.1
CVE-2025-22228 High System 1.49.1
CVE-2025-0395 Medium System 1.49.0
CVE-2025-21502 Medium System 1.49.0

Non-fixable CVEs

In this section, we list the CVEs that are currently classified as non-fixable. These vulnerabilities have been thoroughly assessed, and due to various constraints, have not been resolved.

We continuously monitor these CVEs and work towards finding feasible solutions.

CVE Priority Type Description
CVE-2022-27943 Low System https://ubuntu.com/security/CVE-2022-27943
CVE-2023-4039 Medium System https://ubuntu.com/security/CVE-2023-4039
CVE-2016-20013 Low System https://ubuntu.com/security/CVE-2016-20013