If you think you have found a vulnerability in Eclipse Open VSX you can report it using one of the following ways:

• Contact the Eclipse Foundation Security Team
• Create a confidential issue

You can find more information about reporting and disclosure at the Eclipse Foundation Security page.

Supported versions are: v0.x.x Check Open VSX releases for latest versions.

This project follows Eclipse Foundation Vulnerability Reporting Policy.