# Security Policy ## Supported Versions Only the latest version receives security updates and patches. Keep your environment up to date. ## Reporting a Vulnerability Do not publish vulnerabilities publicly. Report them through [GitHub's private vulnerability reporting](https://github.com/gotenberg/gotenberg/security/advisories/new). Include: - A detailed description of the vulnerability. - Steps to reproduce the issue. - Potential impact on users or the system. This process is handled on a best-effort basis. Response speed may vary depending on severity and available resources. ## Disclosure Policy Once a report is received and confirmed: - A fix and release timeline will be prepared. - The reporter will be notified when the fix is released. - The reporter will be credited for the discovery (unless anonymity is requested). ## Comments on this Policy Submit a pull request with suggestions for improving this process.