# Security Policy

## Reporting a Vulnerability

**Do not open up a GitHub issue if the bug is a security vulnerability in Rails**.
Instead, refer to our [security policy](https://rubyonrails.org/security/).

## Supported Versions

Security backports are provided for some previous release series. For details
of which release series are currently receiving security backports see our
[security policy](https://rubyonrails.org/security/).