Security Team Mailing Aliases
All security vulnerabilities may be reported to security@lists.trustedfirmware.org. They will be forwarded to the appropriate project security teams(s). Alternatively, there are project specific aliases that may be used directly:
Trusted-Firmware-A : tf-a-security@lists.trustedfirmware.org
Trusted-Firmware-M : tf-m-security@lists.trustedfirmware.org
Mbed TLS : mbed-tls-security@lists.trustedfirmware.org
If you choose to encrypt your report, the same
PGP key
may be used
for any of these aliases.