To report a vulnerability, you can send a mail to the maintainer at Stéphane Raimbault stephane.raimbault@gmail.com.

Once the vulnerability is fixed, new releases will be published and an issue will be created to disclose the vulnerability.

The reporter name will be credited (if you wish).