Skip to content

Security: j-util/inputstream-processor-core

SECURITY.md

Security Policy

Supported Versions

For each j-util library, only the latest published release receives security fixes.

If a library has not yet published a release, security reports may refer to the current main branch.

Older releases are not actively supported.

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.

Use the Report a vulnerability option in the repository's Security section to submit a private vulnerability report.

Please include, where applicable:

  • the affected library and version;
  • a description of the vulnerability;
  • steps or sample code that reproduce the issue;
  • the expected security impact;
  • any suggested mitigation or fix.

Do not include real credentials, private keys, personal data, or other sensitive production information in the report.

Disclosure

Please allow reasonable time for the issue to be investigated and addressed before publishing vulnerability details.

Confirmed vulnerabilities may be handled through a GitHub Security Advisory and disclosed after an appropriate fix is available.

There aren't any published security advisories