We currently provide security updates for the active release branch of Stratum.

| Version | Supported |
|---|---|
| latest | ✅ |
| older | ❌ |

We take the security of Stratum very seriously. If you discover a security vulnerability, please follow these steps to report it responsibly:
- Do not open a public issue. Reporting privately gives us time to patch the vulnerability before it becomes widely known and potentially exploited.
- Contact us privately. Please report the issue by reaching out to the project maintainers privately (e.g., via a private message or direct email if available).
- Provide details. Include as much detail as possible in your report, such as:
  - A description of the vulnerability and its potential impact.
  - Exact steps to reproduce the issue.
  - The environment where the issue was observed (OS, browser, Docker version, etc.).
- Response. We will acknowledge receipt of your vulnerability report as quickly as possible and strive to provide you with regular updates on our progress in addressing it.

Once a vulnerability is verified and patched, we will coordinate public disclosure and provide appropriate credit to the reporter (if desired).