This software implements other software, it's not very likely that this software introduces new vulnerabilities.
The current major version is supported. For example if the current version is 3.4.1:
| Version | Supported |
|---|---|
| 3.4.1 | ✅ |
| 3.4.x | ✅ |
| 3.x.x | ✅ |
| 2.0.0 | ❌ |
| 1.0.0 | ❌ |
Please open an issue describing the vulnerability.
Tell them where to go, how often they can expect to get an update on a reported vulnerability, what to expect if the vulnerability is accepted or declined, etc.
Please consider sponsoring me.