Use the appropriate link below for advisories regarding the specific software product
...
Service Provider V3 (current)
Identity Provider V4 (current)
Service Provider V2 (legacy)
Identity Provider V3 (legacy)
...
and version/generation.
If you wish to report a new security issue or an update to an advisory, please contact security@shibboleth.net. Alternatively you may file an issue and set the Security Level to "Vulnerability" to keep it confidential.