Skip to content

Security: toon-format/toon-java

Security

SECURITY.md

Security Policy

Supported Versions

Only the latest release on Maven Central receives security updates. Patch releases are cut as needed for vulnerabilities.

Version Supported
2.x
< 2.0

Reporting a Vulnerability

We take security bugs seriously. If you discover a vulnerability in JToon, please report it privately before disclosing it publicly.

How to report:

  1. Open a security advisory at: https://github.com/toon-format/toon-java/security/advisories/new
  2. Alternatively, email the maintainers via the contact information on the GitHub profile.

You should receive a response within very soon. If you don't, please follow up to ensure your message was received.

What to include:

  • A clear description of the vulnerability
  • Steps to reproduce (PoC preferred)
  • Affected versions
  • Potential impact
  • Any suggested fix (if available)

There aren't any published security advisories