Please report (suspected) security vulnerabilities by opening an issue on the issue tracker. Do NOT put the details of the security vulnerability inside the issue.

You will receive a response on the issue with further information on how to disclose the security vulnerability.