SECURITY.md - llvm-project - Git at Google

 # Reporting LLVM Security Issues

 To report security issues in LLVM, please follow the steps outlined on the
 [LLVM Security Group](https://llvm.org/docs/Security.html#how-to-report-a-security-issue)
 page.

 ## Security Issue Scope

 Many of LLVM's tools are explicitly **not** considered to be hardened against
 malicious input. Bugs in LLVM tools like buffer overreads or crashes are
 valuable to report [as Issues](https://github.com/llvm/llvm-project/issues),
 but aren't always seen as security vulnerabilities. Please see
 [our documentation](https://llvm.org/docs/Security.html#what-is-considered-a-security-issue)
 for a more precise definition of a security issue in this repository.
	# Reporting LLVM Security Issues

	To report security issues in LLVM, please follow the steps outlined on the
	[LLVM Security Group](https://llvm.org/docs/Security.html#how-to-report-a-security-issue)
	page.

	## Security Issue Scope

	Many of LLVM's tools are explicitly not considered to be hardened against
	malicious input. Bugs in LLVM tools like buffer overreads or crashes are
	valuable to report [as Issues](https://github.com/llvm/llvm-project/issues),
	but aren't always seen as security vulnerabilities. Please see
	[our documentation](https://llvm.org/docs/Security.html#what-is-considered-a-security-issue)
	for a more precise definition of a security issue in this repository.