We release patches for security vulnerabilities. Which versions are eligible for receiving such patches depends on the vulnerability and the changes required to fix it.
| Version | Supported |
|---|---|
| 1.x | ✅ |
| < 1.0 | ❌ |
If you find a security vulnerability, please report it to us by emailing [email protected]. Please include the following details with your report:
- A description of the vulnerability and its impact.
- Steps to reproduce the vulnerability.
- Any potential mitigations.
We will respond to your report within 5 business days. If the issue is confirmed, we will release a patch as soon as possible, with a target timeframe of 30 days.
We will post an update on our GitHub repository and notify the community through our mailing list when security updates are available.
For further information on security best practices and resources, you can visit the following:
Thank you for helping us keep pytube secure.