The following versions of CyanFox-Base are receiving active support and maintenance. Any security vulnerabilities discovered must be reproducible in supported versions.
| Version | Supported |
|---|---|
| 4.x | ✅ |
| 3.x | ❌ |
| 2.x | ❌ |
| < 1.x | ❌ |
Please reach out directly to security@cyanfox.de.
We make every effort to respond as soon as possible, although it may take a day or two for us to sync internally and determine the severity of the report and its impact. Please, do not use a public facing channel or GitHub issues to report sensitive security issues.
As part of our process, we will create a security advisory for the affected versions and disclose it publicly, usually two to four weeks after a releasing a version that addresses it.