The following versions of Beaconchain Horizon are currently being supported with security updates.
| Version | Supported |
|---|---|
| 2.0.x | ✅ |
| 1.5.x | ✅ |
| 1.0.x | ❌ |
| < 1.0 | ❌ |
The security of Beaconchain Horizon is a top priority. If you discover a security vulnerability, please report it privately instead of opening a public issue.
When reporting, please include as much of the following as possible:
- Type of vulnerability (e.g., XSS, CSRF, buffer overflow)
- Affected component(s) and version(s)
- Step-by-step instructions to reproduce the issue
- Any proof-of-concept code or exploit details
- Potential impact of the vulnerability
We aim to acknowledge verified reports within 48 hours and will provide an initial assessment within 5 business days. We will keep you updated on our progress and coordinate the disclosure timeline with you.
After a fix has been developed and tested, we will:
- Publish a GitHub Security Advisory
- Credit the reporter (unless anonymity is requested)
- Release a patch as soon as possible
- Notify affected users via appropriate channels
Maintained by Mahdi Amolimoghaddam as part of Beaconchain Horizon.