To report a vulnerability, submit an issue on GitHub.
Updates are prioritized by their perceived risk; therefore, they are not guaranteed to occur within a time window.
If the vulnerability is accepted, it will be prioritized by its perceived risk. It is not guaranteed to be resolved within a time frame.
If the vulnerability is declined, the ticket may remain open temporarily for additional community feedback. Without elevated importance, the ticket will be closed without action.