Security Vulnerability Disclosure - Request for Contact Information #1253
Description
Security Contact Request
Our security research team at Fluid Attacks has identified a potential vulnerability in your software that we would like to report through a responsible disclosure process.
We were unable to locate a dedicated security contact, security policy, or SECURITY.md file for your project. We also sent an email to [email protected] without an answer.
Additional context
- Security vulnerability details will be shared privately once contact is established
- Our responsible disclosure policy typically requires public disclosure after a set period without vendor response
- To ensure this finding reaches the appropriate team members, could you please:
- Provide a security contact email address where we can send the vulnerability details, or
- Consider creating a SECURITY.md file in your repository with disclosure guidelines and contact information
- You can reach our security research team at [email protected]
We're trying to work with you on this and would prefer coordinated disclosure over public disclosure.