Skip to content

Security: h2o/picotls

Security

SECURITY.md

Report a security issue

The h2o/picotls project team welcomes security reports and is committed to providing prompt attention to security issues. Security issues should be reported privately via h2o-vuln@googlegroups.com.

Security advisories

Remediation of security vulnerabilities is prioritized by the project team. The project team endeavors to coordinate remediation with third-party stakeholders, and is committed to transparency in the disclosure process. The picotls/h2o team announces security issues via h2o project Github Release notes as well as the h2o website on a best-effort basis.

Learn more about advisories related to h2o/picotls in the GitHub Advisory Database