Skip to content

Security: nodejs/loaders-test

Security

SECURITY.md

Security

Reporting a bug in Node.js

Report security bugs in Node.js via HackerOne.

Normally, your report will be acknowledged within 5 days, and you'll receive a more detailed response to your report within 10 days indicating the next steps in handling your submission. These timelines may extend when our triage volunteers are away on holiday, particularly at the end of the year.

After the initial reply to your report, the security team will endeavor to keep you informed of the progress being made towards a fix and full announcement, and may ask for additional information or guidance surrounding the reported issue.

Reporting a bug in a third-party module

Security bugs in third-party modules should be reported to their respective maintainers. If those maintainers are the Node.js project (e.g. this repository), please report it via HackerOne. Generally, no CVEs will be generated for bugs affecting this repository.

There aren't any published security advisories