Please do not open public issues for security vulnerabilities.
When reporting a security issue, include:
- affected repository or crate
- affected version or commit
- impact
- reproduction steps, if safe to share
- suggested mitigation, if known
RustUse will review reports and coordinate fixes where appropriate.
If GitHub private vulnerability reporting is enabled for the affected repository, use it.
If no private reporting channel is available, open a minimal public issue asking for a maintainer contact without disclosing vulnerability details.