This is an open source project that is provided as-is without warranty or liability. As such, we can make no support commitment. The maintainers will do the best they can to address any report promptly and responsibly.
While the discovery of new vulnerabilities is rare, we also recommend always using the latest versions of this library and its official companion libraries to ensure your application remains as secure as possible.
Please use the "Private vulnerability reporting" feature in the GitHub repository (under the "Security" tab).