| Version | Supported |
|---|---|
| Latest | Yes |
| Older | No |
Only the latest release receives security updates. Please upgrade before reporting.
Do not open a public issue for security vulnerabilities.
Instead, use one of these methods:
-
GitHub Private Vulnerability Reporting (preferred) Go to Security > Advisories > New draft advisory and submit your report privately.
-
Email Contact the maintainer directly via the email address listed on the GitHub profile.
- Description of the vulnerability
- Steps to reproduce
- Affected version(s)
- Potential impact
- Acknowledgement: within 48 hours
- Fix or mitigation: within 7 days for critical issues, 30 days for others
PDFApps is a desktop application that runs entirely offline. The main attack surface is maliciously crafted PDF files. Network-related vulnerabilities only apply to the auto-updater module.