Page Contents

Security Policy

Security advisories

Security advisories can be found on the LoopBack website.

Reporting a vulnerability

If you think you have discovered a new security issue with any LoopBack package, please do not report it on GitHub. Instead, send an email to security@loopback.io with the following details:

  • Full description of the vulnerability.
  • Steps to reproduce the issue.
  • Possible solutions.

If you are sending us any logs as part of the report, then make sure to redact any sensitive data from them.