This page hosts our security policies and information with regards to reporting security flaws. Learn more about how Cloudron offers the best security for self-hosting and how to harden your server as an owner.
If you have discovered a security issue with Cloudron, please read our responsible disclosure guidelines below and contact us at firstname.lastname@example.org.
Your report should include:
The Cloudron community kindly requests that you comply with the following guidelines when researching and reporting security vulnerabilities:
Cloudron follows a rolling release schedule, thus we do not currently have LTS versions. The latest version published for updates is the currently supported version. We will not support any security issue backports to non current versions, but will require the user to update to latest, where fixes will be applied.