Please report vulnerabilities privately through GitHub's [vulnerability reporting](https://github.com/Marcono1234/struson/security/advisories/new).
If you are unsure whether an issue represents a vulnerability, report it privately nonetheless. We can then discuss it and decide whether to create a public bug report instead.