Skip to content

Security: A1ik/aleph

Security

SECURITY.md

Security Policy

Supported Versions

Aleph is a fast-moving project, developed through grant funding. We thus cannot provide specific long-term support releases. Instead, we advise all implementors of the software to keep their installations up to date as much as they can.

At the time of writing, versions 1.x and 2.x, and > 3.6 are completely discontinued.

Reporting a Vulnerability

Low-grade security issues can be reported via GitHub issues. If you believe you have found a critical security vulnerability, please consider contacting the Organized Crime and Corruption Reporting Project, the core maintainer of Aleph, directly via our responsible disclosure process:

https://www.occrp.org/en/responsible-disclosure

There aren’t any published security advisories