Please do not report security vulnerabilities through public GitHub issues.

Use GitHub's private vulnerability reporting instead: Report a vulnerability

Please include:

• A description of the vulnerability and its impact
• Steps to reproduce or a proof of concept
• Any suggested mitigations if known