Security fixes are provided for the latest released version of ldclabs/cose.

If the security vulnerability is already known to the public, then you can open an issue as a bug report.

To report security vulnerabilities not yet known to the public, please email txr1883@gmail.com and allow time for the problem to be resolved before reporting it to the public.