We actively support the following versions of prerender-node with security updates:
| Version | Supported |
|---|---|
| 3.8.x | ✅ |
| 3.7.x | ✅ |
| < 3.7 | ❌ |
We take security vulnerabilities seriously. If you discover a security vulnerability in prerender-node, please report it privately.
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report vulnerabilities by:
- Email: Send details to [email protected]
- GitHub Security: Use GitHub's private vulnerability reporting feature
Please include the following information in your report:
- Description of the vulnerability
- Steps to reproduce the issue
- Affected versions
- Potential impact
- Any suggested fixes (if available)
- Initial Response: We aim to acknowledge receipt within 24-48 hours
- Status Update: We will provide regular updates on our investigation
- Resolution: We will work to resolve confirmed vulnerabilities as quickly as possible
We kindly ask that you:
- Give us reasonable time to investigate and fix the vulnerability
- Do not publicly disclose the vulnerability until we have released a fix
- Do not exploit the vulnerability or access data beyond what is necessary to demonstrate the issue
Security updates are released as patch versions and announced through:
- GitHub releases
- npm advisory database
- Security advisories on this repository
Thank you for helping keep prerender-node secure!