Skip to content

Security: nsynkde/strapi

Security

SECURITY.md

Security Policy

Supported Versions

As of January 2023 (and until this document is updated), only the v4.x.x GA releases of Strapi are supported for updates and bug fixes. Any previous versions are currently not supported and users are advised to use them "at their own risk".

  • v4.x.x Stable is considered LTS until further notice
  • v4.x.x Beta is considered unstable and not supported
  • v4.x.x Alpha is considered unstable and not supported
  • v3.x.x is considered deprecated and not supported

Reporting a Vulnerability

Please report (suspected) security vulnerabilities to security@strapi.io.

You will receive a response from us within 72 hours. If the issue is confirmed, we will release a patch as soon as possible depending on complexity but historically within a few days.

There aren’t any published security advisories