To report a security issue, please email the Konflux security team at konflux-sec[at]googlegroups.com with a description of the issue, how to reproduce it and any mitigations you are aware of. If possible please include a proposed severity rating (for example, see Red Hat's severity ratings), and other classifying metadata such as a CWE ID or a CVSS score.
Our security team will respond within three working days of your email.