The latest stable release is supported. All other versions are unsupported.

To report a vulnerability, create an issue with the security label.

This project is developed and maintained by volunteers during their free time, so there is no SLA or ETA for fixing vulnerabilities (or any issues). Please help by submitting a PR to fix an issue.