If you discover a security vulnerability or issue in this project, please contact us privately via email as soon as possible. Do not submit security vulnerabilities via public GitHub issues.
We can't provide any money, swag, etc, for vulnerability reports.
Contact Information:
- Email: jonas.vulnerability@triop.se
- Subject: Include "[Security Issue]" in the subject line
When reporting vulnerabilities, please encrypt your message using our PGP key available here: PGP Public Key
We treat your report with high priority and will respond as quickly as possible.
Please follow these guidelines when reporting a security issue:
- Report vulnerabilities privately via email.
- Provide clear and detailed instructions on how to reproduce the issue.
- Allow us a reasonable amount of time to investigate and resolve the issue before disclosing it publicly.
Security updates and information about resolved vulnerabilities will be published in the project's CHANGELOG and releases.