The Balena.io team and community take security bugs in all our products and open source projects seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

To report a security issue, email security@balena.io. The Balena.io team will keep you informed of the progress towards a fix, and may ask for additional information or guidance.

Report security bugs in third-party modules to the person or team maintaining the module. You can also report a vulnerability through the Node Security Project.