Nuxt/SECURITY.md

Security Policy

Reporting a Vulnerability

To report a vulnerability, please send an email to security@nuxtjs.org or submit it for a bounty via Huntr.

All security vulnerabilities will be promptly verified and addressed.

While the discovery of new vulnerabilities is rare, we also recommend always using the latest versions of Nuxt and other dependencies by maintaining lock files (yarn.lock, package-lock.json and pnpm-lock.yaml) in order to ensure your application remains as secure as possible.