Hello!
During some fuzz testing, I identified a highly reproducible misaligned-access vulnerability in lite3 that leads to a undefined behavior. Since I couldn't find a SECURITY.md or disclosure policy, what is the preferred way to privately share the details and ASan traces for responsible disclosure before making this public?
Hello!
During some fuzz testing, I identified a highly reproducible misaligned-access vulnerability in lite3 that leads to a undefined behavior. Since I couldn't find a SECURITY.md or disclosure policy, what is the preferred way to privately share the details and ASan traces for responsible disclosure before making this public?