go-ldap values responsible disclosure to protect the security and privacy of all users. We actively encourage respectful and non-disruptive testing and reporting of detected vulnerabilities, within the following guidelines:
- DO submit reports as soon as you are aware of an issue
- DO allow time to assess and respond to the submission
- DO respect the availability, confidentiality and privacy of our services, users and any 3rd party systems
- DO NOT attack or otherwise interfere with any account you are not the owner of
- DO NOT violate any applicable laws or regulations
- DO NOT disclose issues publicly before we've had time to assess and respond appropriately
Please submit individual reports including a full description of the finding, how to reproduce the behavior and any supporting information. These reports should be sent to: