The Apache Software Foundation takes a rigorous stance on eliminating security issues in its software projects. Likewise, Apache Uniffle (incubating) is also vigilant and takes security issues related to its features and functionality into the highest consideration.
If you have any concerns regarding Uniffle's security, or you discover a vulnerability or potential threat, please do not hesitate to get in touch with the Apache Security Team by dropping an email at [email protected].
Please specify the project name as "Uniffle" in the email, and provide a description of the relevant problem or potential threat. You are also urged to recommend how to reproduce and replicate the issue.
The Apache Security Team and the Uniffle community will get back to you after assessing and analyzing the findings.
Please note that the security issue should be reported on the security email first, before disclosing it on any public domain.