While Pelican is in beta, we only provide security fixes for the most recent beta release. Older beta releases are unsupported.

Please report any vulnerabilities via one of the following methods:

• Create a security advisory on Github
• Send an e-mail to [email protected]

Include steps to reproduce, affected versions, impact, and a proof of concept if available.

You can expect a response within 72 hours.
Please do not disclose vulnerabilities publicly until we have released a fix. We will acknowledge receipt and can credit researchers upon request.