CVE-2019-10248
8.1HIGHEclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM
Опубликовано: 4/22/2019Обновлено: 11/21/2024
Описание
Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of Vorto might be infected.
ИИ-АнализНа базе ИИ
Затронутые продукты
eclipsevorto
Ссылки
- https://bugs.eclipse.org/bugs/show_bug.cgi?id=546622Third Party Advisory
- https://bugs.eclipse.org/bugs/show_bug.cgi?id=546622Third Party Advisory