Security fixes are provided for the latest released version of ldclabs/cose.
If the security vulnerability is already known to the public, then you can open an issue as a bug report.
To report security vulnerabilities not yet known to the public, please email [email protected] and allow time for the problem to be resolved before reporting it to the public.