To report a security issue, please email [email protected] with a detailed description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue.
Please remember to include everything required for us to reproduce the issue, including but not limited to a publicly accessible git repository. All code samples shared with our Security team will only be used to verify and diagnose the issue and will not be publicly shared with anyone outside of Odestry's teams. Odestry's Security Team members may share information only within the Odestry teams on a need-to-know basis to fix the related issue.
If you think you've found a security issue, please DO NOT report, discuss, or describe it on Discord, GitHub, or any other public forum; without prior contact and acknowledgment of Odestry's Security team.
We highly value responsible security disclosure and collaboration with the security community. To ensure the safety of our systems and users, we kindly request that security issues not be disclosed on public platforms such as Discord, GitHub, or any other public forum without prior communication and acknowledgement from Odestry's Security Team.