The following versions are supported with continuing security updates, until we announce otherwise.

NOTE: At the moment, we do not provide security support of any kind, as the AASX Server is still considered a prototype and is in alpha development.

We appreciate your efforts to responsibly disclose any security vulnerabilities you may find.

To report a vulnerability, please email us directly at info@idtwin.org or open an issue directly at GitHub issues. Provide detailed information about the vulnerability and steps to reproduce it if possible.

Once a vulnerability report is received, we will address it promptly. However, we currently cannot determine a specific timeline for the fix.

We are committed to keeping our users informed about security issues and their impact. Updates regarding security vulnerabilities and patches will be provided through the following channels:

• Release Notes: Security updates will be highlighted in release notes accompanying new versions of the software.
• GitHub Repository: Issues related to security vulnerabilities will be tracked and documented in our GitHub repository's issue tracker.

We do not currently offer financial rewards for security vulnerabilities, but we greatly appreciate the efforts of security researchers in helping us improve the security of our project. We will acknowledge your contributions in our release notes, if you wish.