The JSON Schema project does not house any implementation of JSON Schema itself. If you have found a security issue in any implementation of JSON Schema, please contact the appropriate maintainers, per the projects security reporting guidelines, if any.

To report a security issue, please use the GitHub Security Advisory "https://github.com/json-schema-org/json-schema-spec/security/advisories/new" tab.

If you find a security issue in relation to the JSON Schema specification or another repository within this GitHub organization, please use the above.

The JSON Schema project TSC will review and respond to all security reports. Please follow coordinated disclosure.

If you are a maintainer of an implementation, please consider adding a security policy. If you need assistance in understanding a report, or remediation of a confirmed issue, please feel free to reach out to us on our Slack server, in the #implementations channel, and ask for a temporary private channel to discuss your situation or concerns.