This project currently supports the following versions of Proxmox VE (PVE):
| Version | Supported |
|---|---|
| 9.0.x | ✅ |
| 8.4.x | ✅ |
| 8.3.x | ✅ |
| 8.2.x | ✅ |
| 8.1.x | ✅ |
| 8.0.x | Limited support* ❕ |
| < 8.0 | ❌ |
*Version 8.0.x has limited support. Security updates may not be provided for all issues affecting this version.
Security vulnerabilities must not be reported publicly to avoid potential exploitation.
Instead, please report them privately via one of the following channels:
- Discord: Join our Discord server and send a direct message to a maintainer.
- Email: Write to us at [email protected] with the subject line:
Vulnerability Report - <Project/Script Name>.
When reporting a vulnerability, please provide:
- A clear description of the issue
- Steps to reproduce the vulnerability
- Affected versions or environments
- (Optional) Suggested fixes or workarounds
-
Acknowledgment
- We will review and acknowledge your report within 7 business days.
-
Assessment
- The maintainers will verify the issue and classify its severity.
- Depending on impact, a patch may be released immediately or scheduled for the next update.
-
Resolution
- Critical security fixes will be prioritized.
- Non-critical issues may be deferred or declined with an explanation.
Not all reported issues will be treated as vulnerabilities.
Reports may be declined if they are deemed:
- Low-risk
- Out of project scope
- Conflicting with intended design or architecture
If you have any questions or concerns about this security policy, please reach out to the maintainers through the contact options above.