Skip to content

Security: lycorp-jp/.github

SECURITY.md

Security Policy

Reporting a Vulnerability

If you believe you have found a security vulnerability in an open source repository managed by LY Corporation, please report it privately through GitHub's vulnerability reporting feature for the affected repository.

Please use the Report a vulnerability option on GitHub.

Please do not report security vulnerabilities through public GitHub Issues, Discussions, Pull Requests, social media, chat, or any other public channel.

This policy applies to open source repositories managed by LY Corporation on GitHub, unless a repository provides its own security policy. If a repository has its own SECURITY.md, that policy takes precedence.

If GitHub private vulnerability reporting is not available for the affected repository, or if you need to contact us about a security-related matter, please contact us at:

ml-sec-cna@lycorp.co.jp

We do not currently provide or support PGP/GPG or other email encryption methods.

Please include enough information for us to understand and reproduce the issue, such as the affected repository, version, steps to reproduce, proof of concept, and potential impact.

Please keep vulnerability details confidential until we have reviewed the report and coordinated disclosure, where applicable.

Thank you for helping keep our users and the open source community safe.

There aren't any published security advisories