We release patches for security vulnerabilities for the following versions:
| Version | Supported |
|---|---|
| 1.x.x | ✅ |

If you discover a security vulnerability within this package, please send an email to m.berg@event4u.app. All security vulnerabilities will be promptly addressed.
Please do not create a public GitHub issue for security vulnerabilities.

Please include the following in your report:

- Description of the vulnerability
- Steps to reproduce the issue
- Possible impact
- Suggested fix (if any)

After you submit a report, you can expect the following:

- Acknowledgment: We will acknowledge receipt of your vulnerability report within 48 hours
- Assessment: We will assess the vulnerability and determine its severity
- Fix: We will work on a fix and release a patch as soon as possible
- Credit: We will credit you in the security advisory (unless you prefer to remain anonymous)

Security updates will be released as patch versions and documented in the CHANGELOG.

When using this package:

- Always use the latest stable version
- Keep your dependencies up to date
- Follow PHP security best practices
- Validate and sanitize user input before passing it to Data Helpers methods
- Be cautious when using wildcards with untrusted data

For security-related questions or concerns, contact:

- Email: m.berg@event4u.app
- GitHub: @matze4u