Security fixes are provided for the latest released version of this package.

Please do not open public issues for suspected security vulnerabilities.

Report vulnerabilities by emailing brian.schaeffner@sympress.de with:

• A description of the issue and its impact
• Steps to reproduce or a minimal proof of concept
• Affected versions or commits, if known
• Any relevant logs with secrets removed

You should receive an acknowledgement within 72 hours. Confirmed vulnerabilities will be handled with coordinated disclosure.

Persistent cache backends, filesystem cache directories, SQLite/PDO cache files, and generated container dumps may contain application data or implementation details. Do not expose them to untrusted readers or writers.