Please note Pierre also references this post for this vulnerability, and the other source also references this blogpost. 

I plan to contribute more to this project, with more meaningful PRs.