blob: 558ecb8de4985fd327f615e8229463a301550190 [file] [log] [blame] [view] [edit]
# Reporting LLVM Security Issues
To report security issues in LLVM, please follow the steps outlined on the
[LLVM Security Group](https://llvm.org/docs/Security.html#how-to-report-a-security-issue)
page.
## Security Issue Scope
Many of LLVM's tools are explicitly **not** considered to be hardened against
malicious input. Bugs in LLVM tools like buffer overreads or crashes are
valuable to report [as Issues](https://github.com/llvm/llvm-project/issues),
but aren't always seen as security vulnerabilities. Please see
[our documentation](https://llvm.org/docs/Security.html#what-is-considered-a-security-issue)
for a more precise definition of a security issue in this repository.