# Security Policy

## Supported Versions

Qiskit.org only supports the online version at a time, both for bug and security fixes, which covers `https://*.qiskit.org/*` and `https://qiskit.org/*`.

## Reporting a Vulnerability

To report vulnerabilities, you can privately report a potential security issue
via the Github security vulnerabilities feature. This can be done here:

https://github.com/Qiskit/qiskit.org/security/advisories

Please do **not** open a public issue about a potential security vulnerability.

You can find more details on the security vulnerability feature in the Github
documentation here:

https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability