Security fixes are generally provided for the latest maintained version of each project.

Please do not disclose security vulnerabilities publicly.

Instead:

1. Contact the maintainer privately.
2. Include a detailed description.
3. Provide reproduction steps if possible.
4. Explain the potential impact.

After a report is received:

1. The issue will be reviewed.
2. A fix will be developed if necessary.
3. Responsible disclosure practices will be followed.

Thank you for helping keep projects secure.