<!--
Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.

SPDX-License-Identifier: curl
-->

# Security Policy

See [SECURITY-PROCESS](docs/SECURITY-PROCESS.md) for full details.

## Reporting a Vulnerability

If you have found or just suspect a security problem somewhere in curl or
libcurl, report it on [HackerOne](https://hackerone.com/curl).

We treat security issues with confidentiality until controlled and disclosed responsibly.