Skip to content

Security: leaonline/oauth2-server

SECURITY.md

Security Policy

Supported Versions

Version Supported
4.x
3.x ✅ but only very critical security issues

Reporting a Vulnerability

Report security vulnerabilities to info [at] jankuester [dot] com

Please specify exactly how the vulnerability is to be exploited so we can estimate how severe the consequences can be (unless you also can specify them, too).

Please note that we need to reproduce the vulnerability (as like with bugs) in order to safely fix it.

A fix will be implemented in private until we can ensure the vulnerability is closed. A new release will immediately be published. If you want to provide a fix please let us know in the e-mail so we can setup a completely private repository to work on it together.

Finally, all security fixes will also require to pass all tests and audits.

There aren’t any published security advisories