Please direct all security issues to zowe-security@lists.openmainframeproject.org. A member of the security team will reply to acknowledge receipt of the vulnerability and coordinate remediation with the affected project.