This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code. We believe that vulnerability disclosure is a two-way street. Vendors, as well as researchers, must act responsibly. This is why Google adheres to a 90-day disclosure deadline. We notify vendors of vulnerabilities immediately, with details shar