Send vulnerability details to [email protected] and please refrain from posting an issue with the details until they can be reviewed by a maintainer of this repository. If a vulnerability is confirmed a CVE will be opened with GitHub and the fix released as quickly as possible based on severity of the issue.