11 lines
612 B
Markdown
11 lines
612 B
Markdown
# Reporting a Vulnerability
|
|
|
|
Please, [open a draft security advisory](https://github.com/spring-projects/security-advisories/security/advisories/new) if you need to disclose and discuss a security issue in private with the Spring Framework team. Note that we only accept reports against [supported versions](https://spring.io/projects/spring-framework#support).
|
|
|
|
For more details, check out our [security policy](https://spring.io/security-policy).
|
|
|
|
## JAR signing
|
|
|
|
Spring Framework JARs released on Maven Central are signed.
|
|
You'll find more information about the key here: https://spring.io/GPG-KEY-spring.txt
|