Security Policy

Supported Versions

For the current supported version of SQLAlchemy, see "Current Release Series" at https://www.sqlalchemy.org/download.html#current.

Reporting a Vulnerability

SQLAlchemy participates in the Tidelift security infrastructure for reporting potential vulnerabilities reponsibly. Please follow the guidelines at:

https://tidelift.com/docs/security

in order to report a security issue. Security-related issues in SQLAlchemy are extremely rare. Nevertheless, we would ask that you please do not file CVEs without emailing us first, so that proper disclosure steps may be taken.