The Internet Bug Bounty Panel is awarding bounties for critical security vulnerabilities in popular, open source programming languages. Thanks to the hard work of the developers of these languages, uncovering vulnerabilities in this software is increasingly challenging. These bounties are our way of saying "Thanks" to the security researchers who take up this challenge.
The project maintainers have final decision on which issues constitute security vulnerabilities. Only issues that are classified as a security issue __by a project maintainer will be considered for bounty eligibility. The Panel will respect their decision, and we ask that you do as well.
It's important to keep in mind that not all submissions will qualify for a bounty, and that the decision to award a bounty is entirely at the discretion of the Panel.