|
12345678910111213141516171819202122232425 |
- # Security Policy
-
- ## Supported Versions
-
- The latest three major release versions of Nextcloud are currently being supported with security updates.
- Please visit https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule for further details.
-
- ## Reporting a Vulnerability
-
- Security is very important to us. If you have discovered a security issue with Nextcloud,
- please read our responsible disclosure guidelines and contact us at [hackerone.com/nextcloud](https://hackerone.com/nextcloud).
- Your report should include:
-
- - Product version
- - A vulnerability description
- - Reproduction steps
-
- A member of the security team will confirm the vulnerability, determine its impact, and develop a fix.
- The fix will be applied to the master branch, tested, and packaged in the next security release.
- The vulnerability will be publicly announced after the release. Finally, your name will be added
- to the [hall of fame](https://hackerone.com/nextcloud/thanks) as a thank you from the entire Nextcloud community. Note our
- [threat model](https://nextcloud.com/security/threat-model) to know what is expected behavior.
-
-
- Please visit https://nextcloud.com/security/ for further information about security.
|