If you discover a security vulnerability, we'd appreciate a non-public disclosure. Reviewable developers can be contacted privately by creating a new Security Advisory on GitHub (preferred) or via [email protected].
- Please ensure the issue is reproducible.
- Please ensure a fully working, end-to-end reproducer is provided.
- Please ensure the reproducer is real-world and not simulated or abstracted.
- Please ensure the reproducer demonstrably violates a security boundary.