If you believe you have found a security vulnerability in Xinference (or xoscar), please report it privately through GitHub Security Advisories:
We follow a coordinated vulnerability disclosure process and appreciate responsible security research.
Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.
When submitting a report, please include:
- Description of the vulnerability
- Steps to reproduce
- Affected versions
- Potential impact
- Suggested mitigation or fix, if available
We will acknowledge receipt as soon as possible and work with you to validate and resolve the issue.
Please avoid publicly disclosing vulnerability details until a fix has been released or we have coordinated disclosure together.
Security fixes may be released through normal project releases and GitHub Security Advisories.