Security Policy Reporting a Vulnerability ❌ Do not open a GitHub issue if the bug is a security vulnerability in Reactor ✅ Disclose responsibly by sending a private report to security@pivotal.io ✅ (please double check this is consistent with the CVE process, we share this one with Spring) Supported Versions Version Supported Dysprosium Train (core 3.3.x, netty 0.9.x) ✅ Califonium Train (core 3.2.x, netty 0.8.x) ✅ Bismuth and below (core < 3.2, netty < 0.8) ❌ Reactor 1.x and 2.x Generations ❌