One of the many benefits of open source software is that security vulnerabilities can be caught faster with more eyes on the software. However, reporting a security vulnerability publicly might not be the best solution.

If you want to report a security issue to the Ojos Project Developers team, please email us at [email protected].

To ensure we get the most out of your initial report, please:

• Prepend IRIS SECURITY REPORT: to the subject line
• Provide a background of the vulnerability, if possible
• Write a detailed explanation of the vulnerability
• Include resources, articles, or anything that may help us fix this faster

We get to work!

We may also email you back asking for more information and/or help as we patch the issue.

Once the issue is patched, we will make an announcement. We will also acknowledge your involvement in the process if you so wish.