The list of currently supported versions receiving security updates is available in the documentation.

Our advisories are published on GitHub, linked to the rudder repository.

You can report any security vulnerability affecting Rudder sources, packages, or infrastructure (repositories, websites, etc.) you have found by contacting the Rudder security team at: [email protected].

If you have not received a reply to your email within 48 hours, you can ask on our chat room. As it is a public channel, please don't discuss specific details there, simply say you are waiting for a response from the security team.

You can encrypt your messages using our public key (fingerprint: 340C 9645 2F9A 816C 330A 99B7 C854 668E 3617 3DB3).

To know more about vulnerability announcements and reporting, check our website.