To report a security issue, please click on the "Report a vulnerability" button from the "Security" tab. See detailed instructions.

The maintainers will respond within 3 working days of the report. If the issue is confirmed as a vulnerability, we will open a Security Advisory. We will fully acknowledge the reporter for responsibly disclosing the vulnerability.