The Apache Software Foundation takes a rigorous standpoint in annihilating the security issues in its software projects. Apache CarbonData is highly sensitive and forthcoming to issues pertaining to its features and functionality.
If you have apprehensions regarding CarbonData’s security or you discover vulnerability or potential threat, don’t hesitate to get in touch with the Apache Security Team by dropping a mail at firstname.lastname@example.org. In the mail, specify the project name CarbonData with the description of the issue or potential threat. You are also urged to recommend the way to reproduce and replicate the issue. The security team and the CarbonData community will get back to you after assessing and analysing the findings.
PLEASE PAY ATTENTION to report the security issue on the security email before disclosing it on public domain.
The ASF Security Team maintains a page with the description of how vulnerabilities and potential threats are handled, check their Web page for more Details.