TomTom values the security research community and welcomes collaboration with researchers worldwide. We recognize that security researchers play a vital role in helping us maintain robust security across our platforms and protecting our users.
Through our HackerOne-powered vulnerability disclosure program, we work directly with security experts to identify and address potential security issues. Your research and responsible disclosure efforts help us continuously improve our security posture.
If you identify security vulnerabilities or concerns in this repository, we encourage you to report them through our established disclosure process so our security team can investigate and remediate any issues promptly.
- Please report security vulnerabilities through our HackerOne VDP program: 🔗 TomTom - Vulnerability Disclosure Program | HackerOne
- Initial Response: Within 3 business days
- Status Updates: Regular updates on investigation progress
- Resolution: Timeline varies based on complexity and severity
- Report vulnerabilities through HackerOne only
- Allow reasonable time for investigation and patching
- Do not publicly disclose the vulnerability
- Do not create a public GitHub issue
Security updates will be released as part of our regular release cycle or as emergency patches depending on severity.
For general security questions or non-vulnerability related inquiries, please send us an email at [email protected].