Security updates are applied only to the most recent releases.
To securely report a vulnerability, please send a message to [email protected]
Please do not file a GitHub issue for a vulnerability.
- Your report will be acknowledged within two business days.
- The team will investigate and update the issue with relevant information.
- If the team does not confirm the report, no further action will be taken and the issue will be closed.
- If the team confirms the report, the team will take action to fix it immediately.
We do not have a bug bounty program and no monetary prizes will be be given for reporting or providing a fix for a security issue.