# Security Policy

## Supported Versions

As of January 2023 (and until this document is updated), only the v4.x.x _GA_ releases of Strapi are supported for updates and bug fixes. Any previous versions are currently not supported and users are advised to use them "at their own risk".

- v4.x.x **Stable** is considered LTS until further notice
- v4.x.x **Beta** is considered unstable and not supported
- v4.x.x **Alpha** is considered unstable and not supported
- v3.x.x is considered deprecated and not supported

## Reporting a Vulnerability

Please report (suspected) security vulnerabilities to
**[security@strapi.io](mailto:security@strapi.io)**.

You will receive a response from us within 72 hours. If the issue is confirmed,
we will release a patch as soon as possible depending on complexity
but historically within a few days.