Security Policy
This document describes how to report security issues in the oletools project.
Supported Versions
The following table shows which versions of the oletools project are currently being supported with security updates:
| Version | Supported |
|---|---|
 |
|
| >=0.60.x |  |
Reporting a Vulnerability
If you would like to report a vulnerability affecting the oletools project, you may use the link "Report a vulnerability" on Github.
If you prefer not to use Github, please send a first email to decalage at laposte dot net, without giving technical details. You will then be provided with a GPG public key to send encrypted emails.
Alternatively you may also contact me via X/Twitter, Mastodon or BlueSky using private messages (see https://linktr.ee/decalage) to get the GPG key.
Please note that oletools is a non-commercial open-source project maintained on my spare time. I will do my best to answer in due time and fix vulnerabilities.