Please DO NOT file a public issue in this repository to report a security vulnerability.
If you believe you have found a security vulnerability in Malachite,
you can report it via our primary vulnerability disclosure channel, the
email address [email protected]. Please enclose with your
report the issue details, reproduction, impact, and other
information. Please submit only one unique email thread per vulnerability.
There is no bounty reward system in place for Malachite yet.
Artifacts from an email report are saved at the time the email is triaged. Please note: our team is not able to monitor dynamic content (e.g., a Google Docs link that is edited after receipt) throughout the lifecycle of a report. If you would like to share additional information or modify previous information, please include it in an additional reply as an additional attachment. Thank you for understanding.
For the most up-to-date version of the policies that govern our approach to vulnerability disclosure, please consult the Gold Standard Safe Harbor Statement.