Only the latest version is supported, and it is recommended that you check whether the contents of the latest master branch are vulnerable before reporting any issue.

To report a security vulnerability, please read Privately reporting a security vulnerability.

Note that nobody is being paid to work on this project, and there are no rewards for vulnerability reporting.