The project currently supports security fixes for the following versions:

Please report suspected vulnerabilities privately. Do not open public GitHub issues for security reports.

Send details to:

• opencgmes@soptim.de

Use GitHub Security Advisories / private vulnerability reporting for this repository.

Please include as much of the following as possible:

• Affected component(s) and version(s)
• Reproduction steps or proof-of-concept
• Impact assessment
• Suggested mitigation (if available)

• Initial acknowledgment: within 3 business days
• Triage update: within 7 business days
• Ongoing status updates: at reasonable intervals until resolution

• Please allow maintainers time to validate and remediate before public disclosure.
• Coordinated disclosure is preferred after a fix or mitigation is available.