CVE-2019-10248
8.1HIGHEclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM
게시됨: 4/22/2019업데이트됨: 11/21/2024
설명
Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of Vorto might be infected.
AI 분석AI 기반
영향받는 제품
eclipsevorto
참조
- https://bugs.eclipse.org/bugs/show_bug.cgi?id=546622Third Party Advisory
- https://bugs.eclipse.org/bugs/show_bug.cgi?id=546622Third Party Advisory