1# PyYAML Security Policy 2 3## Reporting a Suspected Vulnerability 4 5The PyYAML project encourages responsible disclosure of suspected security 6vulnerabilities. However, we do not offer bug bounties, paid disclosure, or 7paid fixes for discovered vulnerabilities. To report a suspected security 8vulnerability, please e-mail details to <security@pyyaml.org> without creating 9public issues, pull requests, or discussion. Non-security correspondence to 10this address will be ignored. 11