Skip to content

Security: Inoir/strapi

Security

SECURITY.md

Security Policy

Supported Versions

As of May 2022 (and until this document is updated), only the v4.x.x stable releases of Strapi are supported for updates and bug fixes. Any previous versions are currently not supported and users are advised to use them "at their own risk".

  • v3.x.x support is limited to Critical/High severity security updates only until December 2022
  • v4.x.x is considered LTS until further notice

Reporting a Vulnerability

Please report (suspected) security vulnerabilities to [email protected].

You will receive a response from us within 72 hours. If the issue is confirmed, we will release a patch as soon as possible depending on complexity but historically within a few days.

There aren’t any published security advisories