(contributing:security)=

# Reporting security issues in Jupyter or JupyterHub

If you find a security vulnerability in Jupyter or JupyterHub,
whether it is a failure of the security model described in [Security Overview](explanation:security)
or a failure in implementation,
please report it!

Please use GitHub's "Report a Vulnerability" button under Security > Advisories on the appropriate repo,
e.g. [report here for JupyterHub](https://github.com/jupyterhub/jupyterhub/security/advisories).

You may also send an email to <mailto:security@ipython.org>, but the GitHub reporting system is preferred.
If you prefer to encrypt your security reports,
you can use {download}`this PGP public key </ipython_security.asc>`.