| Version | Supported |
|---|---|
| 1.x | ✅ |
If you discover a security vulnerability in CSVCoder, please report it by opening a GitHub Issue.
For sensitive security issues, please include "[SECURITY]" in the issue title.
We will respond within 48 hours and work with you to understand and address the issue.
CSVCoder is designed to safely parse untrusted CSV input:
- Memory-mapped I/O prevents loading entire files into memory
- Strict mode validates RFC 4180 compliance
- No dynamic code execution
- No network access
- No file system writes (except explicit file output APIs)