Skip to content

Security: hexhacking/xUnwind

Security

SECURITY.md

Reporting Security vulnerabilities

The xUnwind team and community take security bugs in xUnwind seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

Please do not report security vulnerabilities through GitHub issues, discussions or pull requests. This makes the problem immediately visible to everyone, including malicious actors.

Instead, please send email to [email protected]. If possible, encrypt your message with this PGP key.

The xUnwind team will send a response indicating the next steps in handling your report. After the initial reply to your report, the security team will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.

There aren’t any published security advisories