Skip to content

Security: request for a private disclosure contact #973

Description

@Ano1X8

Hi,

I've found what I believe is a security issue in how LMFlow loads a model during inference, and I'd like to
report it privately and responsibly.

This repository doesn't have a SECURITY.md or GitHub Private Vulnerability Reporting enabled, so could you either
share a security contact email, or enable "Private vulnerability reporting" under Settings → Security → Advisories?

I'm keeping details out of this public issue on purpose. I'll send a full write-up and a proof-of-concept as soon as
there's a private channel. Thanks!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions