Explorer for Endevor follows the Eclipse Vulnerability Reporting Policy. Vulnerabilities are tracked by the Eclipse security team, in cooperation with the Explorer for Endevor project team. Fixing vulnerabilities is taken care of by the Explorer for Endevor project committers, with assistance and guidance of the security team.
Explorer for Endevor supports security updates only for the latest version.
We recommend that in case of suspected vulnerabilities you do not use the Explorer for Endevor public issue tracker, but instead contact the Eclipse Security Team directly via security@eclipse.org.