# Security Policy

## Supported Versions

I release patches for security vulnerabilities. Which versions are eligible
receiving such patches depend on the CVSS v3.0 Rating:

| CVSS v3.0 | Supported Versions                        |
| --------- | ----------------------------------------- |
| 9.0-10.0  | Releases within the previous three months |
| 4.0-8.9   | Most recent release                       |

## Reporting a Vulnerability

Please report (suspected) security vulnerabilities by private DM to 
[Larry on LinkedIn](https://www.linkedin.com/in/LarryMaccherone/). 
You will receive a response within 48 hours. If the issue is confirmed, 
I will release a patch as soon as possible depending on complexity
but historically within a few days.