docs: update security policy wording

Replace "security problem/vulnerability" with "security issue".

Signed-off-by: Radu Weiss <[email protected]>

SECURITY-POLICY.md

@@ -1,12 +1,12 @@
-# Security Problem Policy
+# Security Issue Policy
 
-If you uncover a security problem with Firecracker, please write to us on
+If you uncover a security issue with Firecracker, please write to us on
 <[email protected]>.
 
 Once the Firecracker [maintainers](MAINTAINERS.md) become aware (or are made
-aware) of a security vulnerability, they will immediately assess it. Based on
-impact and complexity, they will determine an embargo period (if externally
-reported, the period will be agreed upon with the external party).
+aware) of a security issue, they will immediately assess it. Based on impact and
+complexity, they will determine an embargo period (if externally reported, the
+period will be agreed upon with the external party).
 
 During the embargo period, maintainers will prioritize developing a fix over
 other activities. Within this period, maintainers may also notify a limited
@@ -16,7 +16,7 @@ technical information, a risk assessment, and early access to a fix.
 The external customers are included in this group based on the scale of their
 Firecracker usage in production. The pre-disclosure list may also contain
 significant external security contributors that can join the effort to fix the
-vulnerability during the embargo period.
+issue during the embargo period.
 
 At the end of the embargo period, maintainers will publicly release information
-about the vulnerability together with the Firecracker patches that mitigate it.
+about the security issue together with the Firecracker patches that mitigate it.