Only the latest version full release of the v2.x.x and v3.x.x code lines will have security updates issued. If you are on an older version, it is recommended you upgrade.

Minor or theoretical security vulnerabilities can be submitted by submitting an issue at https://github.com/WalkerCodeRanger/semver/issues and clearly indicating in the title that it is a security vulnerability.

Significant or critical security vulnerabilities that are judged to be inappropriate for a publically visible GitHub issue can be reported directly to security@semver-nuget.org. While we will make every effort to respond in less time, please allow up to 30 days for a response. Responses will include information about when to expect updates and when the vulnerability will be addressed. Based on the team's judgment, such security vulnerabilities may be turned into issues on GitHub or directly addressed to minimize the time between the vulnerability being publicly known and a patched release being available for download.