Document vulnerability CVE-2021-41767, fixed in 1.4.0.