If you think you have discovered a security issue in any of the Mattr projects, we'd love to hear from you. We will take all security bugs seriously and if confirmed upon investigation we will patch it within a reasonable amount of time and release a public security bulletin discussing the impact and credit the discoverer.
The best way to report a security bug is to email a description of the flaw and any related information (e.g. reproduction steps, version) to security at mattr dot global.
From there we'll work with you to assess the bug and decide the appropriate path forward.