816 B

Security Policy

Supported Versions

OpenSC releases are made roughly once a year, unless important security is discovered.

OpenSC does not release micro updates for previously released versions and does not backport security fixes into them.

Version Supported
< 0.20.0

Reporting a Vulnerability

If you discovered security vulnerability in supported version of OpenSC, you can either fill an issue in github (note, that these issues are public!) or you can send email to any recently active project developers frankmorgner(at), deengert(at) and/or jakuje(at) .

You can expect update on the issue no later than in two weeks.