Security fixes are applied to the latest stable release only. Older versions do not receive backported patches.
| Version | Supported |
|---|---|
| latest | ✅ |
| older | ❌ |
Please do not report security vulnerabilities through public GitHub issues.
Report vulnerabilities privately via GitHub's built-in mechanism: Security → Report a vulnerability (in the repository's Security tab).
Alternatively, send an email to the maintainer address listed in pom.xml.
Please include:
- A description of the vulnerability and its potential impact
- Steps to reproduce or a minimal proof-of-concept
- The affected version(s)
You can expect an acknowledgement within 5 business days and a status update within 14 days.