If you believe you have found a security vulnerability in any GitHub-owned repository, please report it to us through coordinated disclosure.

Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.

Instead, please report vulnerabilities by creating an advisory in the repo's security tab.