To report a vulnerability please create a new Github Security Advisory, using this form.

Please do not report security vulnerabilities through public issues, discussions, or change requests.

Please include as much of the information as possible to help us better understand and resolve the issue, such as:

• The type of issue (e.g., privilege escalation, buffer overflow, …)
• Affected version(s) of the project
• Impact of the issue, including how an attacker might exploit the issue
• Assumptions & configuration required to reproduce the issue
• Step-by-step instructions to reproduce the issue, if possible with proof-of-concept exploit code
• Relevant log files (if available)
• Project source files exhibiting the vulnerability (if known)