If you think you have identified a security issue with an Encode project, do not open a public issue.
To responsibly report a security issue, please navigate to the Security tab for the repo and click "Report a vulnerability."
- Include a detailed description of the vulnerability.
- Provide steps to reproduce the issue.
- Mention any affected versions of the software.
- Include any possible workarounds or mitigations.
Upon receiving a vulnerability report, we will:
- Acknowledge receipt within 2 days.
- Assess the issue and confirm its validity.
- Provide updates on the status of the resolution.
- Release a fix or workaround as necessary.
Please do not disclose security vulnerabilities publicly until a fix has been made available. We appreciate your cooperation in keeping the details confidential.
If you can contribute with project in security and vulnerability topics, please use the following docs:
Thank You