Do not open up a GitHub issue if the bug is a security vulnerability in Rails. Instead refer to our security policy.
Security backports are provided for some previous release series. For details of which release series are currently receiving security backports see our security policy.