This project relies on Symfony components for most of its features. If you suspect that the security issue is caused by Symfony, please report the issue to them as explained in symfony.com/security

Since this bundle is used to create admins with restricted access, most of the security issues don't have any practical impact and you can report them as regular issues.

If you find truly critical security issues (e.g. a way to bypass the restricted access to the admin) you can report them to my private email address at javier.eguiluz@symfony.com.