You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
glitchier-soc/SECURITY.md

1.0 KiB

Security Policy

If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you should submit the report through our Bug Bounty Program. Alternatively, you can reach us at hello@joinmastodon.org.

You should not report such issues on GitHub or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.

Scope

A "vulnerability in Mastodon" is a vulnerability in the code distributed through our main source code repository on GitHub. Vulnerabilities that are specific to a given installation (e.g. misconfiguration) should be reported to the owner of that installation and not us.

Supported Versions

Version Supported
3.5.x Yes
3.4.x Yes
3.3.x Yes
< 3.3 No