Security advisories will not be published while Bison is in pre-release. Once the project graduates to 1.0.0, the list below will include versions actively receiving security advisories.

Vulnerabilities should be reported in an GitHub issue using the vulnerability issue template. If you believe your vulnerability too sensitive to be public, you can email the body of your issue to crichez@pm.me instead.