Only the latest released version is being supported with security updates.
If you discover any security vulnerability, please open an Issue at the project's GitHub repository, and we'll do our best to fix it right away.
At Doist, our bug bounty program is a critical component of our security efforts. Your efforts may be eligible for a monetary reward. For more see our Doist bug bounty policy.