gnh1201/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2025-11-27 10:00:50 +00:00
Code Issues Actions 17 Packages Projects Releases Wiki Activity
01cf5c103d
mastodon/SECURITY.md
Claire 64a0b060a8
Some checks failed
Check i18n / check-i18n (push) Has been cancelled
Details
CodeQL / Analyze (javascript) (push) Has been cancelled
Details
CodeQL / Analyze (ruby) (push) Has been cancelled
Details
Check formatting / lint (push) Has been cancelled
Details
Ruby Testing / build (production) (push) Has been cancelled
Details
Ruby Testing / build (test) (push) Has been cancelled
Details
Ruby Testing / test (.ruby-version) (push) Has been cancelled
Details
Ruby Testing / test (3.2) (push) Has been cancelled
Details
Ruby Testing / test (3.3) (push) Has been cancelled
Details
Ruby Testing / ImageMagick tests (.ruby-version) (push) Has been cancelled
Details
Ruby Testing / ImageMagick tests (3.2) (push) Has been cancelled
Details
Ruby Testing / ImageMagick tests (3.3) (push) Has been cancelled
Details
Ruby Testing / End to End testing (.ruby-version) (push) Has been cancelled
Details
Ruby Testing / End to End testing (3.2) (push) Has been cancelled
Details
Ruby Testing / End to End testing (3.3) (push) Has been cancelled
Details
Ruby Testing / Elastic Search integration testing (.ruby-version, docker.elastic.co/elasticsearch/elasticsearch:7.17.13) (push) Has been cancelled
Details
Ruby Testing / Elastic Search integration testing (.ruby-version, docker.elastic.co/elasticsearch/elasticsearch:8.10.2) (push) Has been cancelled
Details
Ruby Testing / Elastic Search integration testing (.ruby-version, opensearchproject/opensearch:2) (push) Has been cancelled
Details
Ruby Testing / Elastic Search integration testing (3.2, docker.elastic.co/elasticsearch/elasticsearch:7.17.13) (push) Has been cancelled
Details
Ruby Testing / Elastic Search integration testing (3.3, docker.elastic.co/elasticsearch/elasticsearch:7.17.13) (push) Has been cancelled
Details
Update security policy for 4.3 (#36755)
2025-11-06 14:58:24 +01:00

1014 B
Raw Blame History

Security Policy

If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can either:

You should not report such issues on public GitHub issues or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.

Scope

A "vulnerability in Mastodon" is a vulnerability in the code distributed through our main source code repository on GitHub. Vulnerabilities that are specific to a given installation (e.g. misconfiguration) should be reported to the owner of that installation and not us.

Supported Versions

Version Supported
4.4.x Yes
4.3.x Until 2026-05-06
4.2.x Until 2026-01-08
< 4.2 No