If you think you have identified a security related issue with any module or repository, please report it immediately to the listed people from the CODEOWNERS.md list.

Do not open issues related to any security concerns publicly. Please do not include anyone else on the disclosure email.

When reporting an issue, include as much information as possible to help us assess the gravity and severity of the security issue:

Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
Steps leading from the start of the issue to it's final manifestation
Affected source code (tag/branch/commit or direct URL)
Any special configuration required to reproduce the issue
Step-by-step instructions to reproduce the issue