pdf-fmt and it's maintainers take security issues seriously. Vulnerabilities can be disclosed in private:
- GitHub advisories
- email (if immediate attention is needed)
We appreciate your efforts to disclose your findings responsibly and will make every effort to acknowledge your contributions.
Thanks