We advise users to run or update to the most recent release of the Ansible NGINX Core collection. Older versions of this collection may not have all enhancements and/or bug fixes applied to them.

This codebase mainly consists of an Ansible collection. Ansible applies security fixes to the most recent three releases. Please find more information in the Ansible docs.

If you find a security vulnerability that affects Ansible directly, we encourage you to report it according to the Ansible guidelines.

If you find a security vulnerability that affects the codebase, we encourage you to report it to the F5 Security Incident Response Team (F5 SIRT):

• If you’re an F5 customer with an active support contract, please contact F5 Technical Support.
• If you aren’t an F5 customer, please report any potential or current instances of security vulnerabilities to the F5 SIRT at F5SIRT@f5.com.

For more information visit https://www.f5.com/services/support/report-a-vulnerability