This project is in maintenance mode and receives bug and security fixes for the latest released version only. Please make sure you are running the most recent image or release before reporting an issue.
Please do not report security vulnerabilities through public GitHub issues.
Instead, report them privately through GitHub's private vulnerability reporting feature. This lets us coordinate a fix and request a CVE through GitHub's security advisory flow before any details are disclosed publicly.
When reporting, please include as much of the following as you can:
- A description of the vulnerability and its impact
- The affected component or dependency and version
- Steps to reproduce or a proof of concept
- Any suggested remediation
We aim to acknowledge new reports within a reasonable time frame and will keep you informed about the progress toward a fix. Once a fix is available, we will publish a security advisory and credit the reporter unless anonymity is requested.