Intel is committed to rapidly addressing security vulnerabilities affecting our customers and providing clear guidance on the solution, impact, severity and mitigation.

intel/llvm project is based upon the upstream llvm/llvm-project and leverages lots of functionality provided by it. If an issue you found concerns functionality which is available in upstream, then it is more efficient to directly report it there, see corresponding SECURITY.md for their policy.

If you are unsure, or if you know that the issue is specific to additions developed in intel/llvm, then please report any security vulnerabilities utilizing the guidelines here.