Please report security vulnerabilities by opening a new GitHub security advisory.

You can also send an email to solegalli[at]protonmail.com.

If the security vulnerability is accepted, a patch will be crafted privately in order to prepare a dedicated bugfix release as timely as possible (depending on the complexity of the fix).

You are welcome to submit a PR with bugfix to repair the vulnerability.