First check Important advisories of known security vulnerabilities in Sonatype products to see if this has been previously reported.
If you believe you have found a security vulnerability, please report it by opening a private security advisory on GitHub:
- Go to the Security tab of this repository
- Click Report a vulnerability
- Provide a description of the vulnerability and steps to reproduce
Please do not open public issues for security vulnerabilities.