How to report a security vulnerability?

[d0cs1s-bzhunt]

Hi,

I am a security researcher and I have identified security vulnerabilities in juniper (tested on v0.17.1) that I would like to report responsibly.

I could not find a SECURITY.md file or a documented vulnerability disclosure process in the repository. Could you let me know the preferred way to submit a security report? For example a private GitHub Security Advisory, an encrypted email, or any other secure channel.

I have detailed reports ready with proof of concept code and suggested fixes, and I am happy to adapt to whatever process works best for the maintainers.

Thanks!

[LegNeato]

I just turned on Private vulnerability reporting in github, so let's use that, thanks!