z/OS Resource Explorer follows the Eclipse Vulnerability Reporting Policy. Vulnerabilities are tracked by the Eclipse security team, in cooperation with the z/OS Resource Explorer project lead. Fixing vulnerabilities is taken care of by the z/OS Resource Explorer project committers, with assistance and guidance of the security team.
z/OS Resource Explorer supports security updates only for the latest version.
We recommend that in case of suspected vulnerabilities you do not use the z/OS Resource Explorer public issue tracker, but instead contact the Eclipse Security Team directly via security@eclipse.org.