Disclosing a security issue upstream
As an Open Source community member, you are responsible for handling any security issues you identify. This post provides an example of a security issue we encountered and resolved by working with the project security team.