Vulnerabilities should be reported via the following process:

• Open a Github Issue & mention it's about a vulnerability, but do not post the actual vulnerability itself.
• The authors should suggest a private channel to discuss further.

Note: Only the latest versions receive security fixes