Security vulnerability reporting forum for OpenDistro

Hi,

Using opendistro-for-elasticsearch, if there are any security vulnerabilities reported in security scans (like QualysGuard, Nessus etc), what forum can we use to report the vulnerability or share our security concerns?
I see https://aws.amazon.com/security/vulnerability-reporting/ provides some details regarding this, but wanted to ensure if this is applicable for OpenDistro project as well?

Thanks,
Shivani