Only the latest release receives security fixes.
Report vulnerabilities privately via GitHub security advisories. Do not open public issues for security reports.
You will receive an initial response within 7 days. Please allow a fix to be released before public disclosure.