Bluera prioritizes the security and trust of our software products and services, including all open source software managed through our organization.
For the security of our users, please DO NOT report security vulnerabilities through GitHub, social medias, or any public channel. Doing so may put others at risk of them being broadly exploited.
If you need to report a security issue, please email us at contact@bluera.ai following the intructions below.
You may confidentially report any potential security vulnerability in any Bluera product or service by emailing us at contact@bluera.ai, and prefixing the subject with [SECURITY VULNERABILITY].
When reaching out to report a vulnerability, please include your best assesment of the following information:
- Impacted product/service name(s), including version(s)/branch(es), containing the vulnerability
- Type of vulnerability (code execution, buffer overflow, denial of service, etc.)
- Description of the vulnerability
- Instructions to reproduce the vulnerability
- Proof-of-concept or exploit code
- Potential impact of the vulnerability, including how an attacker could exploit the vulnerability
- Any other information relevant to identifying, testing and resolving the vulnerability
We value any help and information you may provide, and welcome any contribution.
If you have concerns and are uncertain of whether any product/service may pose a risk to others, please confidentially share it with us at the email above and our team will do their best to help investigate.
Thank you for contributing to ensuring the everyone's safety.