If you think you have found a potential security vulnerability in Authlib, please email <firstname.lastname@example.org> directly.
Do not file a public issue.
Please do not disclose this to anyone else. We will retrieve a CVE identifier if necessary and give you full credit under whatever name or alias you provide. We will only request an identifier when we have a fix and can publish it in a release.
Here is the process when we have received a security report:
No CVEs yet