Skip to content

Security: robey/node-oauth2-server

Security

SECURITY.md

Security Policy

Supported Versions

Use this section to tell people about which versions of your project are currently being supported with security updates.

Version Supported
5.x.x
4.x.x ✅ but only high severity issues
3.x.x
< 3

Reporting a Vulnerability

Report security vulnerabilities to info@jankuester.com

Please specify exactly how the vulnerability is to be exploited so we can estimate how severe the consequences can be (unless you also can specify them, too).

Please note that we need to reproduce the vulnerability (as like with bugs) in order to safely fix it.

A fix will be implemented in private until we can ensure the vulnerability is closed. A new release will immediately be published. If you want to provide a fix please let us know in the e-mail so we can setup a completely private repository to work on it together.

Finally, all security fixes will also require to pass all tests and audits.

There aren’t any published security advisories