# Security Policy ## Supported Versions Only the latest version of Gotenberg receives security updates and patches. Keep your environment up to date. ## Reporting a Vulnerability If you discover a security vulnerability, do not publish it publicly. Send details via email to _neuhart [dot] julien [at] gmail [dot] com_ with the subject indicating a Gotenberg security vulnerability report. Include: - A detailed description of the vulnerability. - Steps to reproduce the issue. - Any potential impact on users or the system. This process is handled on a _'best-effort'_ basis. Response speed may vary depending on severity and available resources. ## Disclosure Policy Once a vulnerability report is received and confirmed: - A fix and release timeline will be prepared. - You will be notified when the fix is released. - You will be credited for the discovery (unless you request anonymity). ## Comments on this Policy If you have suggestions on how this process could be improved, submit a pull request.