Eclipse Ditto follows the Eclipse Vulnerability Reporting Policy. Vulnerabilities are tracked by the Eclipse security team, in cooperation with the Ditto project leads. Fixing vulnerabilities is taken care of by the Ditto project committers, with assistance and guidance of the security team.
Eclipse Ditto provides security updates for the two most recent minor versions.
These versions of Eclipse Ditto are currently being supported with security updates.
| Version | Supported |
|---|---|
| 3.5.x | ✅ |
| 3.4.x | ✅ |
| < 3.4.0 | ❌ |
Please report a found vulnerability here: https://www.eclipse.org/security/