The table below specifies the versions of cassandra-jdbc-wrapper that receive security updates.
| Versions | Supported |
|---|---|
| 5.x | ✅️ |
| 4.16.x | ✅️ |
| Older versions | ❌ |
If you wish to report a security vulnerability for this project, please do not use GitHub Issues or public communication channels and follow the process below.
If you discover a security issue, please submit it privately using GitHub’s built-in vulnerability reporting system: https://github.com/ing-bank/cassandra-jdbc-wrapper/security/advisories/new
This sends your report directly and privately to the maintainers.
To help us respond quickly, please include:
- A detailed description of the issue
- Steps to reproduce the vulnerability
- Potential impact
- Any known workarounds
- Proof-of-concept, if available
- Your suggested fix (optional)
As soon as we'll receive your report, we will investigate the issue and may contact you privately for more information if necessary.
If confirmed, we will work on a fix, then we'll release the security patch as soon as it's ready and safe to publish. Please do not disclose the vulnerability publicly until it has been fixed and affected users have had adequate time to upgrade.
You will be credited for the discovery unless you prefer to remain anonymous.