Skip to content

Security: tornadoweb/tornado

SECURITY.md

Security Policy

Supported Versions

In general, due to limited maintainer bandwidth, only the latest version of Tornado is supported with patch releases. Exceptions may be made depending on the severity of the bug and the feasibility of backporting a fix to older releases.

Reporting a Vulnerability

Tornado uses GitHub's security advisory functionality for private vulnerability reports. To make a private report, use the "Report a vulnerability" button on https://github.com/tornadoweb/tornado/security/advisories

Learn more about advisories related to tornadoweb/tornado in the GitHub Advisory Database