Please contact [email protected] as soon as possible to report the vulnerability. If this is a vulnerability that can be actively exploited please do not create a GitHub issue on any public repo.

If you receive no reply within 3 working days, please create an issue for the community to respond to without providing details of how the vulnerability can be exploited at first, and a maintainer will contact you.