Skip to content

Security: jamesone/better-auth

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you believe you've found a security vulnerability, please follow these steps:

  1. Do not disclose the vulnerability publicly until it has been addressed by our team.
  2. Email your findings to security@better-auth.com Include:
    • A description of the vulnerability
    • Steps to reproduce the vulnerability
    • Potential impact of the vulnerability
    • Any suggestions for mitigation
    • Any other relevant information
  3. We will respond to your report within 72 hours.
  4. If the issue is confirmed, we will release a patch as soon as possible.

Disclosure Policy

If the issue is confirmed, we will release a patch as soon as possible. Once a patch is released, we will disclose the issue publicly. If 90 days has elapsed and we still don't have a fix, we will disclose the issue publicly.

Supported Versions

We only support the latest version of Better Auth. Older versions are not supported.

There aren’t any published security advisories