The Gulliver team takes security issues in Gulliver and our other projects seriously. We appreciate your efforts to responsibly disclose security related findings.
Please do not file an issue via the issue tracker, we'd prefer to avoid publishing security issue details until after we have a fix in place. This will aid in avoiding vulnerability exploitation in the wild.
We request that if you discover a security significant issue in our library that you report it via email to us at opensource@sandia.gov. Please include the words "[GULLIVER SECURITY]" in the subject line. Upon notification of a security issue we may request additional information.
The Gulliver team will do our best alleviate the issue and inform the public as appropriate.