Currently, the following versions of Quillpad are supported with security updates:
| Version | Supported |
|---|---|
| 1.5.x | ✅ |
| < 1.5 | ❌ |
We recommend always using the latest version of Quillpad to ensure you have the latest security patches.
We take the security of Quillpad seriously. If you believe you have found a security vulnerability, please report it to us responsibly.
Please do not report security vulnerabilities via public GitHub issues.
Instead, please use the GitHub Security Advisory reporting feature to submit a private report.
Once a report is received:
- We will acknowledge receipt of your report within 48 hours.
- We will investigate the issue and confirm the vulnerability.
- We will work on a fix.
- Once a fix is ready, we will release a new version and publish a Security Advisory.
We ask that you provide us with a reasonable amount of time to resolve the issue before making any information public.
The following are generally considered out of scope:
- Issues related to rooting the device.
- Issues requiring physical access to an unlocked device.
- Theoretical vulnerabilities without a clear proof-of-concept.