viscous/cloudreve
1
0
Fork 0
mirror of https://github.com/cloudreve/cloudreve.git synced 2026-06-27 14:26:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

doc: update security policy

Browse Source
This commit is contained in:
Aaron Liu
2026-06-06 11:28:13 +08:00
parent 78a731ffad
commit 26b6b1044b
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
SECURITY.md
View File

@@ -2,11 +2,13 @@
## Supported Versions
* For security issues with high-impacts (e.g. related to payments or user permission), we support 3.8.x and all 4.x version. But the fix for 4.x will released only in latest sub-version.
* For all other security issues, we mainly support version >= 4.x (in which `x` is the latest stable sub-version).
* For security issues with high impact (e.g. related to payments or user permissions), we support 3.8.x and all 4.x versions. Fixes for 4.x will be released only in the latest sub-version.
* For all other security issues, we mainly support versions >= 4.x (where `x` is the latest stable sub-version).
## Reporting a Vulnerability
Please send the details about the security issue to `support@cloudreve.org`. Once the vulnerability is comfirmed or fixed, you will get updates from the email thread.
Please report security vulnerabilities privately through GitHub's [Security Advisories](https://github.com/cloudreve/Cloudreve/security/advisories/new) by opening a new draft advisory in this repository.
We will reward you with bounty/swag for success submission of securty issues.
Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.
Once the vulnerability is confirmed or fixed, you will receive updates through the advisory thread.