The only version supported is the one corresponding to the master branch.

It would be appreciated if notifications of security vulnerabilities adhere to the Responsible/Coordinated Disclosure model.

The first step would be to contact me (rafael.fcucalon@gmail.com) with as much detail as possible: specific parameters used, their values, the output generated (along with screenshots), etc. It is also appreciated if the notification includes directions for fixing or mitigating the vulnerability; after receiving the information associated with the vulnerability I will prioritize its review.

humble is, in fact, a humble and personal project which I develop in my spare time: there is currently no bug bounty program.

All contributors in this area will be mentioned on the project's home page: if, on the other hand, you wish to remain anonymous, please let me know.

Thanks for your time!.