Hi,
We have identified a security issue in this project and have already obtained a CVE for it, but the details have not yet been publicly disclosed.
We would like to collaborate with you on responsible disclosure. Could you please provide a preferred contact method for security reports? You may also reach us directly at hwang335@jh.edu.
Thank you.