To report a vulnerability, please write an email to security@thecfu.de or report it via the Github Security Advisories. We strive to respond promptly and make decisions regarding the reported vulnerability. Pls try to describe the Vulnerability as good as you possible can. Pls ensure following Informations:
- Project/Repo
- Date
- Contact Information (Or
no Contactif you don't want to be contacted to it)
If your vulnerability is deemed valid, we will acknowledge your contribution in the fix merge request and release notes. If the vulnerability is not considered critical, you get a short notification and the Ticket gets closed.