If you think you have found a vulnerability in JDT LS you can report it using one of the following ways:

• Contact the Eclipse Foundation Security Team
• Create a confidential issue

You can find more information about reporting and disclosure at the Eclipse Foundation Security page.

The latest JDT LS release may, in some cases, be supported by security updates. However, given their frequency, and that most are minor releases, it is recommended to always adopt the latest version for the purpose of addressing security issues.

This project follows Eclipse Foundation Vulnerability Reporting Policy.