For details on MariaDB’s end-to-end security strategy, visit our Trust Center.
Customers
Current MariaDB customers may report a security concern by creating a support case in the Customer Support Portal.
Non-Customers
Non-customers may report a security concern by emailing [email protected] for general concerns or [email protected] for SkySQL-specific concerns.
MariaDB Foundation
For the MariaDB Foundation’s policy on reporting security concerns, please see MariaDB Foundation Reporting Procedures.
MariaDB asks that the report provides full details of the security concern so our security team can validate and reproduce the issue including the following information:
Vulnerability reports need to be documented in a way that they can be reproduced, easily understood and classified. The more details you send, including screen-shots, code, video; helps to understand the flaw as quickly as possible.
To all customer and security researchers who follow this MariaDB Vulnerability Reporting Policy, our security team commits to:
We take security issues seriously and will endeavor to respond swiftly to fix verifiable security issues.
While we appreciate the work done by independent security researchers, we do not offer compensation for reporting a security vulnerability.