This organisation follows the OpenSSF Vulnerability Disclosure guide.

Please report vulnerabilities via GitHub Security Advisories. Each repository has its own security advisories page.

See the Security & Vulnerability Reports section of the AI Policy before using AI tools to find or report vulnerabilities.

This is a solo-maintained project. I aim to respond within 7 days of your report. If confirmed as a vulnerability, I will open a Security Advisory and follow a 90-day disclosure timeline.

For questions about CVE assignment in the Erlang ecosystem, contact the ERLEF vulnerability management team: [email protected]