anuraOS

Security Policy

Supported Versions

Version	Supported
2.0.0 (Idol)	✅
1.2.1	:x:
1.2.0 (Whalefall)	:x:
1.1.1	:x:
1.1.0	:x:
1.0.0 (Lag Train)	:x:

Reporting a Vulnerability

In the case that you somehow manage to find a vulnerability in Anura please create a GitHub security advisory.

REMEMBER: Please DO NOT report vulnerabilities in the repository Issues tab.

What You Should Report

If you are wondering what counts as a vulnerability, heres a good list:

• XSS in the Anura URL
• The ability to execute arbitrary code on the server hosting Anura (not in Anura itself, as this is an intended feature)
• The ability to crash Anura (As in for everyone, not just your browser session)

This site is open source. Improve this page.