We take security vulnerabilities seriously and appreciate your efforts to responsibly disclose any issues. If you find a vulnerability in our project, please follow the steps below to report it:
-
Do Not Create a Public Issue:
- Please do not use GitHub issues to report security vulnerabilities. This is to ensure that the vulnerability is not made public before it can be addressed.
-
Contact Us Privately:
- Send a detailed report of the vulnerability to our security team at [[email protected]]. Please include:
- A description of the vulnerability.
- Steps to reproduce the issue.
- Any potential impact or exploit scenarios.
- Send a detailed report of the vulnerability to our security team at [[email protected]]. Please include:
-
Response Time:
- We will acknowledge receipt of your report within 48 hours.
- We will work with you to understand and resolve the issue as quickly as possible.
-
Public Disclosure:
- We will coordinate with you on a public disclosure timeline once the vulnerability has been addressed. We aim to release a fix and publish details of the vulnerability in a timely manner.