| Version | Supported |
|---|---|
| 2.x | ✅ |
| Before 2.0 | ❌ |
We take the security of DoctrineEncryptBundle seriously. If you believe you have found a security vulnerability, please report it privately:
- Email: hectorfranco@nowo.tech (see
composer.jsonmaintainers) - Do not open a public GitHub issue for security-sensitive bugs.
Please include:
- Type of issue (e.g. injection, XSS, auth bypass, deserialization risk, cryptographic misuse)
- Affected file(s) and version/tag/commit
- Steps to reproduce
- Impact assessment
- PoC (if available)
- Initial acknowledgment: within 48 hours
- Follow-up status: within 7 days
- Resolution: depends on complexity and impact
- We confirm receipt and validate the report.
- We prepare and publish a fix as soon as possible.
- We coordinate disclosure with the reporter.
- We credit responsible disclosure (unless anonymity is requested).