Due to their public nature, GitHub issue trackers are not appropriate places for reporting vulnerabilities.

This project uses GitHub's private vulnerability reporting to triage and remediate potential security issues.

To learn more about the private vulnerability reporting process, read GitHub's docs here.