Only the latest release is currently supported, we will not be backporting fixes as long as this project is in the unstable 0.x versioning.
If you've discovered a vulnerability in this project, please report it to Dylan Anthony at contact@dylananthony.com. I will create an advisory, add you to the discussion, and credit you with discovery.
It's better not to create an issue in the repository unless it's already actively being exploited.