Report vulnerabilities to: [email protected]
- Expected response time: 48 hours
- Coordinated disclosure timeline: 90 days
- GPG key available for encrypted communication
| Version | Supported |
|---|---|
| 2.1.x | ✅ Active support |
| 2.0.x | ✅ Security fixes |
| < 2.0 | ❌ End of life |
- Framework vulnerability assessment
- Dependencies security scanning
- Input validation testing
- Authentication bypass protection
We follow coordinated vulnerability disclosure (CVD) practices aligned with industry standards and professional ethics guidelines.