# Using TensorFlow Securely

This document discusses the TensorFlow security model. It describes the security
risks to consider when using models, checkpoints or input data for training or
serving. We also provide guidelines on what constitutes a vulnerability in
TensorFlow and how to report them.

This document applies to other repositories in the TensorFlow organization,
covering security practices for the entirety of the TensorFlow ecosystem.

## Security Bulletins

Information about previous Istio vulnerabilities can be found on the
[Security Bulletins] page.

[Support Announcements]: https://istio.io/news/support/
[Istio Security Vulnerabilities]: https://istio.io/about/security-vulnerabilities/
[Security Bulletins]: https://istio.io/news/security/

# Security Policy

## Supported Versions

We support the past two Go releases (for example, Go 1.17.x and Go 1.18.x when Go 1.18.x is the latest stable release).

See https://go.dev/wiki/Go-Release-Cycle and in particular the
[Release Maintenance](https://go.dev/wiki/Go-Release-Cycle#release-maintenance)
part of that page.

## Reporting a Vulnerability

::: fastapi.security.APIKeyCookie

::: fastapi.security.APIKeyHeader

::: fastapi.security.APIKeyQuery

## HTTP Authentication Schemes

::: fastapi.security.HTTPBasic

::: fastapi.security.HTTPBearer

::: fastapi.security.HTTPDigest

## HTTP Credentials

::: fastapi.security.HTTPAuthorizationCredentials

::: fastapi.security.HTTPBasicCredentials

## OAuth2 Authentication

//// tab | Python 3.10+

```Python hl_lines="4  78"
{!> ../../docs_src/security/tutorial003_an_py310.py!}
```

////

//// tab | Python 3.9+

```Python hl_lines="4  78"
{!> ../../docs_src/security/tutorial003_an_py39.py!}
```

////

//// tab | Python 3.8+

```Python hl_lines="4  79"
{!> ../../docs_src/security/tutorial003_an.py!}
```

////

//// tab | Python 3.10+ non-Annotated

//// tab | Python 3.10+

```Python hl_lines="4  78"
{!> ../../docs_src/security/tutorial003_an_py310.py!}
```

////

//// tab | Python 3.9+

```Python hl_lines="4  78"
{!> ../../docs_src/security/tutorial003_an_py39.py!}
```

////

//// tab | Python 3.8+

```Python hl_lines="4  79"
{!> ../../docs_src/security/tutorial003_an.py!}
```

////

//// tab | Python 3.10+ nicht annotiert

All the security utilities that integrate with OpenAPI (and the automatic API docs) inherit from `SecurityBase`, that's how **FastAPI** can know how to integrate them in OpenAPI.

///

## What it does

//// tab | Python 3.10+

```Python hl_lines="63-66"
{!> ../../docs_src/security/tutorial005_an_py310.py!}
```

////

//// tab | Python 3.9+

```Python hl_lines="63-66"
{!> ../../docs_src/security/tutorial005_an_py39.py!}
```

////

//// tab | Python 3.8+

```Python hl_lines="64-67"
{!> ../../docs_src/security/tutorial005_an.py!}
```

////

```Python hl_lines="7  48  55-56  59-60  69-75"
{!> ../../docs_src/security/tutorial004_an_py310.py!}
```

////

//// tab | Python 3.9+

```Python hl_lines="7  48  55-56  59-60  69-75"
{!> ../../docs_src/security/tutorial004_an_py39.py!}
```

////

//// tab | Python 3.8+

```Python hl_lines="7  49  56-57  60-61  70-76"
{!> ../../docs_src/security/tutorial004_an.py!}
```

////

        'interceptors.md': 'features/interceptors.md'
        'r8_proguard.md': 'features/r8_proguard.md'
        # Redirect all Security pages to security/*
        'security.md': 'security/security.md'
        'security_providers.md': 'security/security_providers.md'
        'tls_configuration_history.md': 'security/tls_configuration_history.md'
        # Redirect all changelog pages to changelog/*
        'changelog.md': 'changelogs/changelog.md'