To report a security issue, please email [email protected] with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. Our vulnerability management team will acknowledge receiving your email within three working days. This project follows a 90-day disclosure timeline.