We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 2e95482 commit a7c782cCopy full SHA for a7c782c
1 file changed
security/policy.rst
@@ -45,6 +45,8 @@ triggerable with data inputs that are reasonably sized for the use case.
45
Availability vulnerabilities must also demonstrate an "upward" change in posture
46
for the attacker, rather than a "lateral" one.
47
This is to avoid handling performance improvements as security vulnerabilities.
48
+Exceptions are an expected part of control flow when processing inputs,
49
+therefore crashes resulting from unhandled exceptions are not security vulnerabilities.
50
51
Vulnerabilities in dependencies of Python (such as zlib, Tcl/Tk, or OpenSSL)
52
are not vulnerabilities in Python unless Python's use of the dependency
0 commit comments