Only the latest version of our software is currently being supported with security updates.
We take the security of our software seriously, so if you have found a vulnerability, we appreciate your help in disclosing it to us in a responsible manner.
Here's how you should report the vulnerability:
- Please do not open GitHub issues or pull requests - this makes the problem immediately visible to everyone. Instead, please email us directly at [email protected].
- Describe the vulnerability in as much detail as possible to help us understand and reproduce the problem.
Our team will try to respond to your email within three business days, and will send a more detailed response within seven business days indicating the next steps in handling your report.
After our initial reply to your report, our team will keep you informed of the progress we're making towards a fix and full announcement, and may ask for additional information or guidance.
Thank you for helping keep our software safe!