Help Search

How can I report a security vulnerability?

Please send us an email at [email protected]. Do not use Github or any other public channels. We ask that you keep the issue confidential until we have a fix and an announcement ready.

Once the security issue confirmed, our team will take the following actions:

  • Try to first reproduce the issue and confirm the vulnerability.
  • Acknowledge to the reporter that we’ve received the issue and are working on a fix.
  • Get a fix/patch prepared and create associated automated tests.
  • Prepare a post describing the vulnerability, and the possible exploits.
  • Release new versions of all affected major versions.
  • Prominently feature the problem in the release announcement.
  • Provide credits in the release announcement to the reporter if they so desire.

Not finding what you are looking for? You can also ask the community on the forum.

Talk to a human
🍪   Do you accept cookies for statistical purposes? (Read more) Accept No thanks!