chore(docs): add the SECURITY policy file

timoa · timoa · commit b4ce1c00da15 · 2022-04-14T12:20:55.000+02:00
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,17 @@
+# Security Policy
+
+## Supported Versions
+
+We release patches for security vulnerabilities. Which versions are eligible
+receiving such patches depend on the CVSS v3.0 Rating:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| > 1.0.0 | :white_check_mark: |
+| < 1.0.0 | :x:                |
+
+## Reporting a Vulnerability
+
+Please report (suspected) security vulnerabilities to **[issue board](https://github.com/timoa/nodejs-encryption-api-example/issues)**
+with the label **vulnerability**. If the issue is confirmed, we will release a patch as soon as possible depending on complexity,
+but historically within a few days.
