Report security vulnerabilities by emailing the Trimble Cybersecurity team at:
Report security vulnerabilities in third-party modules to the person or team maintaining the module.
When the security team receives a security bug report, they will assign it to a primary handler. This person will coordinate the fix and release process, involving the following steps:
- Confirm the problem and determine the affected versions.
- Audit code to find any potential similar problems.
- Prepare fixes for all releases still under maintenance. These fixes will be released as fast as possible.