About Zenix framework
Author: Miguel Gargallo
Security Policy
Supported Versions
At Zenix Framework we are committed to providing a secure framework for our users. We will do our best to keep our framework up to date with the latest security patches.
| Version | Supported |
|---|---|
| 2.0.0 | ✅ |
| 1.9.2 | ✅ |
| < 1.9.2 | ❌ |
Reporting a Vulnerability
Vulnerabilities are our top priority, so we will do our best to fix them as soon as possible. We will work under the FIFO (First In First Out) principle, so the first vulnerability reported will be the first to be fixed.
Our scale of priority is as follows:
- Critical: A vulnerability that allows an attacker to execute arbitrary code on the server.
- High: A vulnerability that allows an attacker to access sensitive information on the server.
- Medium: A vulnerability that allows an attacker to access sensitive information on the client.
- Low: A vulnerability that allows an attacker to access sensitive information on the client.
- Informational: A vulnerability that allows an attacker to access sensitive information on the client.
What to expect when accepting or rejecting a vulnerability
If you report a vulnerability, we will respond as soon as possible, if we accept it, we will assign it a priority and we will work on it as soon as possible.
If we reject it, we will explain why we reject it and we will try to give you a solution to the problem.
How to report a vulnerability
To report a vulnerability, you must create an issue with the label “security” and explain the vulnerability in detail, we will respond as soon as possible.