All versions 1.0+ are supported currently, and we do not support nor will make patches for those prior to 1.0. These under rare cases have unsound logic and therefore could be vulnerable.

If you have a security vulnerability, please reach out to me privately at ahuszagh@gmail.com. Other forms of communication may not reach me.