Skip to content

Latest commit

 

History

History
14 lines (9 loc) · 1.09 KB

SECURITY.md

File metadata and controls

14 lines (9 loc) · 1.09 KB

Reporting vulnerabilities

Please email reports about any security related issues you find to [email protected].

Please use a descriptive subject line for your report email. After the initial reply to your report, the team will endeavor to keep you informed of the progress being made towards a fix and announcement.

In addition, please include the following information along with your report:

  • Your name and affiliation (if any).
  • A description of the technical details of the vulnerabilities. It is very important to let us know how we can reproduce your findings.
  • An explanation who can exploit this vulnerability, and what they gain when doing so -- write an attack scenario. This will help us evaluate your report quickly, especially if the issue is complex.
  • Whether this vulnerability public or known to third parties. If it is, please provide details.

If you believe that an existing (public) issue is security-related, please send an email to [email protected]. The email should include the issue ID and a short description of why it should be handled according as a security issue.