Vespa takes the security of our platform and the data of our users very seriously. We appreciate your efforts in helping us identify and address potential vulnerabilities.
If you believe you have discovered a security vulnerability in Vespa, please report it to us responsibly through our dedicated vulnerability disclosure program.
Please do not report security vulnerabilities through public channels like GitHub Issues or any other bug bounty- or vulnerability disclosure platforms other than what's referenced below.
To submit a vulnerability report, please follow the guidelines outlined on our responsible disclosure page:
https://vespa.ai/responsible-disclosure/
This page provides detailed information on how to submit your report, what information to include, and our commitment to handling your report confidentially and responsibly.
If you have any questions or concerns about Vespa security, please contact us at [email protected].