Maven package
org.eclipse.hawkbit/hawkbit-parent
pkg:maven/org.eclipse.hawkbit/hawkbit-parent
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-27219 | — | < 0.3.0M7 | 0.3.0M7 | Jan 14, 2021 | In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non existing resource will return the full path from the given URL unescap | ||
| CVE-2019-10240 | — | < 0.3.0M2 | 0.3.0M2 | Apr 3, 2019 | Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected. |
- CVE-2020-27219Jan 14, 2021affected < 0.3.0M7fixed 0.3.0M7
In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non existing resource will return the full path from the given URL unescap
- CVE-2019-10240Apr 3, 2019affected < 0.3.0M2fixed 0.3.0M2
Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected.