Skip to content

Security: 90le/tracevane

Security

SECURITY.md

Security Policy

Report a vulnerability

Please report suspected vulnerabilities through GitHub private vulnerability reporting. This is the preferred channel because it keeps the report and follow-up discussion private.

If GitHub private vulnerability reporting is unavailable, email 767759678@qq.com as a fallback. Include the affected version, impact, reproduction details, and any suggested mitigation when it is safe to do so.

Do not disclose vulnerabilities publicly before a fix is available. Never post passwords, access tokens, API keys, private configuration, exploit data, or other secrets in public GitHub Issues. Use a normal public Issue only for non-sensitive bugs after removing all confidential information.

Maintainers will acknowledge a private report as soon as practical, assess its impact, and coordinate remediation and disclosure with the reporter.

There aren't any published security advisories