# Security Policy

## Supported Versions

|  Version  |     Supported      |
|-----------|--------------------|
| 1.19.x    | :white_check_mark: |
| 1.18.x    | :x:                |
| 1.17.x    | :x:                |
| 1.16.x    | :white_check_mark: |
| <= 1.15.x | :x:                |

## Reporting a Vulnerability

Please post your vulnerability report from the following page:
https://github.com/fluent/fluentd/security/advisories

> [!CAUTION]
> In above contact form, we accept about **ONLY** Fluentd's vulnerability, in contrast, **REJECT** your vulnerability report about Fluentd derivative products such as fluent-package, Fluentd container images and Fluentd kubernetes deamonset images and so on. There are appropriate contact forms for every these derivative products. See the following notice.

> [!NOTE]
> If you use fluent-package, please check [fluent-package-builder](https://github.com/fluent/fluent-package-builder/blob/master/SECURITY.md) and report it there.

> [!NOTE]
> If you use a Docker image of Fluentd, please check [Fluentd Docker Image](https://github.com/fluent/fluentd-docker-image/blob/master/SECURITY.md) and report it there.