Reporting a Vulnerability¶
If you find a security vulnerability in the Cirrus CI platform (the backend, web interface, etc.), please follow the steps below.
- Do NOT comment about the vulnerability publicly.
firstname.lastname@example.org the following format:
Subject: Platform Security Risk HOW TO EXPLOIT Give exact details so our team can replicate it. OTHER INFORMATION If anything else needs to be said, put it here.
Please be patient. You will get an email back soon.