The Infinispan team and community take all security bugs very seriously. You can find our guidelines here regarding our policy and security disclosure.
Please report any security issues you find in Infinispan to:
security at infinispan.org
Due to the sensitive nature of security bugs, the disclosure process is more constrained than a regular bug. We appreciate you following these industry accepted guidelines, which gives time for a proper fix and limit the time window of attack.
The following table shows which versions are supported for vulnerability updates.
Version | Supported |
---|---|
15.0.x | ✅ |
14.0.x | ✅ |
< 14.0 | ❌ |