*************************************
Guidelines to Vulnerability reporting
*************************************

- Architecture Envelope Model(AEMFVP-A) platform software stack is a
  collection of open source software repositories. If you think you have
  found a security vulnerability in a specific open source project which
  is part of the software stack, it is recommended to follow the vulnerability
  reporting guidelines specified by the respective project.

- If you think you have found a security vulnerability as part of the
  Architecture Envelope Model(AEMFVP-A) platform software stack and does
  not fall into any specific open source project, then please report
  by email at arm-security@arm.com specifying the project name as
  "Architecture Envelope Model(AEMFVP-A) Platform Software".
  More details can be found at `Arm Developer website`_.

--------------

*Copyright (c) 2021, Arm Limited. All rights reserved.*

.. _Arm Developer website: https://developer.arm.com/support/arm-security-updates/report-security-vulnerabilities