# Security Policy
## Supported versions
Only the latest published version on crates.io receives security fixes.
## Reporting a vulnerability
Please **do not** open a public issue for security vulnerabilities.
Open a [private security advisory](https://github.com/brefwiz/socle/security/advisories/new) on GitHub, or email the maintainers at **security@brefwiz.com**.
Include:
- A description of the vulnerability and its potential impact
- Steps to reproduce or a minimal proof-of-concept
- Your suggested fix, if any
You will receive an acknowledgement within 48 hours and a resolution timeline within 5 business days. Once the fix is published we will open a public advisory crediting the reporter (unless you prefer to remain anonymous).