If you believe you have identified a security vulnerability in this project, you may submit a private vulnerability disclosure.
Please do NOT open an issue in the GitHub repository, as we'd prefer to keep vulnerability reports private until we've had an opportunity to review and address them.
If you have any questions or concerns, please send an email to the Bloomberg OSPO at opensource@bloomberg.net.