Skip to content

Security: a-pagano/theia

Security

SECURITY.md

Eclipse Theia Vulnerability Reporting Policy

If you think or suspect that you have discovered a new security vulnerability in this project, please do not disclose it on GitHub, e.g. in an issue, a PR, or a discussion. Any such disclosure will be removed/deleted on sight, to promote orderly disclosure, as per the Eclipse Foundation Security Policy (1).

Instead, please report any potential vulnerability to the Eclipse Foundation Security Team. Make sure to provide a concise description of the issue, a CWE, and other supporting information.

(1) Eclipse Foundation Vulnerability Reporting Policy: https://www.eclipse.org/security/policy.php

There aren’t any published security advisories