SECURITY.md 1.2 KB
Security Policy
Supported Versions
Please see [Releases](). We recommend using the [most recently released version]().
Audit reports
Audit reports are published in the docs folder: [audit reports]().
| Scope | Date | Report Link |
|---|---|---|
geth |
20170425 | |
clef |
20180914 |
Reporting a Vulnerability
Please do not file a public ticket mentioning the vulnerability.
To find out how to disclose a vulnerability in Ethereum visit https://bugcrowd.com/core or email bounty@ethereum.org. Please read the [disclosure page]() for more information about publicly disclosed security vulnerabilities.
Use the built-in geth version-check feature to check whether the software is affected by any known vulnerability. This command will fetch the latest vulnerabilities.json file which contains known security vulnerabilities concerning geth, and cross-check the data against its own version number.