If you think you have found an Mbed TLS security vulnerability, then please send an email to the security team at firstname.lastname@example.org.
Our security process is detailled in our security center.
Its primary goal is to ensure fixes are ready to be deployed when the issue goes public.
Only the maintained branches, as listed in
BRANCHES.md, get security fixes. Users are urged to always use the latest version of a maintained branch.