I do only support the very latest version of this software.
Please report a vulnerability privately at the Github security feature to the email found in the pyproject.toml.
Following vulnerabilities are definitely in scope:
- Malicious dependencies
- Code execution when opening files
- Not deleted temporary files of the unredacted identity documents
By contrast, please report as a regular issue:
- Just outdated dependencies without a security impact
- Security hardening