Patches for security vulnerabilities will be made available at the earliest opportunity. The versions that are eligible for such patches depend on the CVSS v3.1 severity rating:
CVSS v3.1 | Supported Versions |
---|---|
9.0-10.0 | Releases within the previous three months |
4.0-8.9 | Most recent release |
In the first instance, please report suspected security vulnerabilities using private vulnerability reporting by navigating to the Security tab of this repository and clicking "Report a vulnerability". Alternatively, submit your report by email to marc.ransome@fidgetbox.co.uk. You should generally expect a response within 48 hours.