Skip to content

Security: web3/web3.js

Security

SECURITY.md

Security Policy

Supported Versions

Legacy-compatibility v1.x:

  • ⏳ Web3.js was the previous implementation of the library, written in JavaScript.

Current-implementation v4.x:

  • ⌛ Web3.js has undergone a complete refactoring and rewrite.
  • 🛑 We encourage not using these releases until official stable releases will be announced.
  • 🌐 We encourage using the most recently released version from the v1.x release track before reporting an issue.

Reporting a Vulnerability

  • 🚨 Please, send vulnerability reports to [email protected].
  • ⚠️ Please do not file a public ticket mentioning the vulnerability, as doing so could increase the likelihood of the vulnerability being exploited before a fix has been created, released and installed on the network.
Learn more about advisories related to web3/web3.js in the GitHub Advisory Database