# Security Policy

## Bug Bounty

We have a [**bug bounty program** on Immunefi](https://www.immunefi.com/bounty/openzeppelin). Please report any security issues you find through the Immunefi dashboard, or reach out to security@openzeppelin.com.

Critical bug fixes will be backported to past major releases.

## Supported Versions

The recommendation is to use the latest version available.

| Version | Supported                            |
| ------- | ------------------------------------ |
| 4.x     | :white_check_mark::white_check_mark: |
| 3.4     | :white_check_mark:                   |
| 2.5     | :white_check_mark:                   |
| < 2.0   | :x:                                  |

Note that the Solidity language itself only guarantees security updates for the latest release.
