Please do not report security vulnerabilities through public GitHub issues.
Please report vulnerabilities to this repository via GitHub security advisories instead.
How? Inside affected repository → security tab
For contributors:
→ Report a vulnerability
For committers:
→ Advisories → New draft security advisory
In severe cases, you can also report a found vulnerability via mail or eclipse issue here: https://www.eclipse.org/security/