VYPR

Maven package

org.eclipse.vorto/org.eclipse.vorto.core

pkg:maven/org.eclipse.vorto/org.eclipse.vorto.core

Vulnerabilities (1)

  • CVE-2019-10248Apr 22, 2019
    affected < 0.11.0fixed 0.11.0

    Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of Vorto might be infected.