This is a companion repository to the OpenImageIO source code (https://github.com/AcademySoftwareFoundation/OpenImageIO), used just for testing.

For full security information, please see https://github.com/AcademySoftwareFoundation/OpenImageIO/blob/main/SECURITY.md

If you think you've found a potential vulnerability in OpenImageIO, please report it to the maintainers. Include detailed steps to reproduce the issue, and any other information that could aid an investigation.

The best way to report a vulnerability is to file a GitHub security advisory. If that is not possible, it is also fine to email your report to security@openimageio.org. Only the project administrators have access to these reports.

Our policy is to respond to vulnerability reports within 14 days, and to address critical security vulnerabilities rapidly and post patches as quickly as possible.