Skip to content

Security: dadrus/heimdall

SECURITY.md

Security Policy

Supported Versions

We provide security updates at least once a month for the last released minor version through patch releases. Currently, we do not offer patches for older versions. To ensure you receive timely security updates, please use the latest version of the project.

Reporting a Vulnerability

To report a security vulnerability, please use the Security Advisories feature. Do not use GitHub issues or other communication channels for security concerns.

When you report a vulnerability, you will receive a response within 48 hours. If the issue is confirmed, we will issue a new release to address the vulnerability as soon as possible, depending on its complexity and severity.

Security Updates and Patching

We prioritize timely response to confirmed security issues. Security updates will be provided in patch releases, and the release notes will detail the fixes and improvements made.

To help you maintain a secure installation, we provide extensive guidance in the Security chapter of the documentation. In addition, the entire documentation includes relevant notes and best practices for securing your installation.

There aren’t any published security advisories