Notes:

• ✅ Active support: The version is actively maintained, and security updates will be provided promptly for reported vulnerabilities.
• ❌ End of life: The version is no longer supported, and users are encouraged to upgrade to a supported version to receive security updates.
• ❌ Unsupported: Versions prior to 4.0 are not supported. Users are strongly advised to upgrade to a supported version to ensure security.

1. To report a security vulnerability, please send an email to [email protected] with the subject "Security Vulnerability Report."
2. Include a detailed description of the vulnerability, including steps to reproduce it and any potential impact.
3. If possible, provide a Proof of Concept (PoC) or code snippet that demonstrates the issue.

• You will receive an initial response to acknowledge the receipt of your report within 48 hours.
• The security team will assess the reported vulnerability and determine its validity and severity.
• Once validated, the team will work on a fix for the vulnerability.

• We aim to address and resolve security vulnerabilities promptly.
• We request that you do not publicly disclose the vulnerability until we have had sufficient time to release a fix.
• We follow a coordinated disclosure process, and your cooperation is appreciated.

• If the vulnerability is accepted, we will work on a fix and provide a timeline for its release.
• If the vulnerability is declined, we will provide a detailed explanation of our decision and any recommended mitigations if applicable.

• Security advisories will be posted on our official website once fixes are released.
• Users are strongly encouraged to update to the latest supported version to mitigate security risks.

• We appreciate responsible disclosure. If you report a valid security vulnerability, you may be credited for your contribution in our advisory.

Thank you for helping us keep our project secure. Your cooperation in responsibly reporting vulnerabilities is crucial to maintaining a safe and reliable codebase.