Always use the latest version of DSW (including patch version). You can easily find the recommended (latest) versions in DSW Deployment Example repository. Older versions are not being patched as the upgrade process is simple and described in our User Guide.

In case you find a vulnerability, please report it via issue or email as soon as possible.

You can directly propose a solution using a Pull Request (see CONTRIBUTING file).

More information on vulnerability reporting, known and solved vulnerabilities is also available in our User Guide.

We use Grype to daily check our latest releases of Docker images (directly in the DSW Deployment Example repository). Once a critical vulnerability is found, we are notified and start working on a hotfix version.

You can check the scanning and results here.