We only provide security updates for the last minor version of the most recent major version, since updates to this repository happen frequently.

Please do not report security or privacy issues through open GitHub issues if you identify any. Other MutableSecurity users' security posture might be impacted by this.

Email us at hello@mutablesecurity with some non-technical information about the issue:

• A short description;
• The functionality where it was noticed;
• The steps we should take to reproduce; and
• Potential security implications.

If possible, include technical information as well, such as vulnerable source code, proof of concepts or exploits, and possible hotfixes.

Within 24 hours of sending the email, you should get a response confirming that we have begun working on it and eventually asking for more information.