Please do not disclose potential security vulnerabilities in public. Instead of opening an issue or a pull request, contact the project's maintainer at kripod@protonmail.com. Each submission will be reviewed in order.

Responsible disclosure is honoured with great respect. A place amongst the list of contributors is also granted for the authors of verified issues.

Public articles may only be written about a case once a fix is available for the affected package(s).