Please do not open a public GitHub issue for security vulnerabilities.

Instead, use GitHub's private vulnerability reporting:

• Go to the repository page on GitHub
• Click Security
• Click Report a vulnerability

If private reporting is not available for your repository settings, open a minimal issue that contains no sensitive details and ask maintainers for a private channel.

Security fixes are provided for the latest released version.