This package is using the Node Security Project (NSP) to facilitate responsible disclosure of potential security issues and subsequent security patches and advisories.
If you have discovered a potential security issue, please send the relevant information (such as references, commits, or code examples that would be useful in reproducing the issue) to the Node Security Project by either:
- Filling out the vulnerability disclosure form at nodesecurity.io/report
- Emailing a description to report@nodesecurity.io
- Once a vulnerability has been reported, the NSP will contact the package maintainers about the issue.
- After a patch has been prepared and published, the NSP will publish a public advisory and request a CVE.
- If after 45 days a patch has not been published, a public advisory will be published by the NSP.
View latest advisories at the Node Security Project
No security advisories have been published for this package.