14 lines
1.2 KiB
Markdown
14 lines
1.2 KiB
Markdown
# Reporting Security Vulnerabilities
|
|
|
|
Oracle values the independent security research community and believes that responsible disclosure of security vulnerabilities helps us ensure the security and privacy of all our users.
|
|
|
|
Please do NOT raise a GitHub Issue to report a security vulnerability. If you believe you have found a security vulnerability, please submit a report to secalert_us@oracle.com preferably with a proof of concept. We provide additional information on [how to report security vulnerabilities to Oracle](https://www.oracle.com/corporate/security-practices/assurance/vulnerability/reporting.html) which includes public encryption keys for secure email.
|
|
|
|
We ask that you do not use other channels or contact project contributors directly.
|
|
|
|
Non-vulnerability related security issues such as great new ideas for security features are welcome on GitHub Issues.
|
|
|
|
## Security-Related Information
|
|
|
|
We will provide security related information such as a threat model, considerations for secure use, or any known security issues in our documentation. Please note that labs and sample code are intended to demonstrate a concept and may not be sufficiently hardened for production use.
|