You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We're *glad* if you want to report a vulnerability!
If you wish to propose text to explain how to detect and prevent a *kind*
of vulnerability that is already publicly known, please just file a normal
issue and/or pull request. We don't consider that a "vulnerability report"
in the sense that many people use the term.
In some cases we're the wrong place to report vulnerabilities to:
* If you wish to report a vulnerability on a specific project that isn't
this project, please don't report that here. Instead, please report the
vulnerability to that project.
* If you wish to report a general vulnerability in edX or the
Linux Foundation Training & Certification platform, please report the
vulnerability to them instead.
However, in some cases we *do* want you to report a vulnerability to us:
* If you wish to report a vulnerability in this *specific* course
as supported by the Linux Foundation (via edX or the Linux Foundation
Training & Certification platform).
* If you wish to propose text to explain how to detect and prevent a *kind*
of vulnerability that has *never* been publicly announced or
discussed anywhere.
If you want to report those kinds of vulnerabilities to us,
please use the GitHub mechanism [privately reporting a security vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability) to this repository.
