Source code
Revision control
Copy as Markdown
Other Tools
# Security Policy
This document describes how security vulnerabilities in this project should be reported.
## Reporting a Vulnerability
To report a security problem with nss-rs, create a bug in Mozilla's Bugzilla instance in the [Core :: Networking](https://bugzilla.mozilla.org/enter_bug.cgi?product=Core&component=Networking) component.
**IMPORTANT: For security issues, please make sure that you check the box labelled "Many users could be harmed by this security problem".**
We advise that you check this option for anything that involves anything security-relevant, including memory safety, crashes, race conditions, and handling of confidential information.
Review Mozilla's [guides on bug reporting](https://bugzilla.mozilla.org/page.cgi?id=bug-writing.html) before you open a bug.
Mozilla operates a [bug bounty program](https://www.mozilla.org/en-US/security/bug-bounty/), for which this project is eligible.