Do not open a public GitHub issue for security vulnerabilities.
Please report security issues via GitHub's private vulnerability reporting: Security → Report a vulnerability (in the repository's Security tab).
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
You will receive a response within 72 hours. If the issue is confirmed, a patch will be released as soon as possible.