Please provide a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue.

The preferred way to report a security issue is through GitHub's security advisory for this project. See Privately reporting a security vulnerability for instructions on reporting using GitHub's security advisory feature.

The Ubuntu Security disclosure and embargo policy contains more information about how can contact us, what you can expect when you contact us, and what we expect from you.