This project is complete and is now in maintenance mode.
As a result changes, new releases are
- dependency updates due to security patches (rare)
- bug-fixes (rarer)
- PR merges (extremely rare)
More to the point, most of the vulnerabilities only apply to use of these libraries in a browser.
If you find a bug or think you've found a genuine vulnerability, raise an issue or better yet fix it and submit a PR.