If you discover a vulnerability in Cloudflare or another serious security issue, Cloudflare operate a bounty program hosted by HackerOne at https://hackerone.com/cloudflare

If you discover a vulnerability in the image, from a layer created via our Dockerfile, immediately contact [email protected] with information. Build Society agree to honour any reasonable disclosure timelines in line with industry normals.