1 results (0.001 seconds)
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2019-10753
https://notcve.org/view.php?id=CVE-2019-10753
05 Sep 2019 — In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel (http). If the build occurred over an insecure connection, a malicious user could have perform a Man-in-the-Middle attack during the build and alter the build artifacts that were produced. In case that any of these artifacts were compromised, any developers using these could be alt... • https://snyk.io/vuln/SNYK-JAVA-COMDIFFPLUGSPOTLESS-460377 • CWE-669: Incorrect Resource Transfer Between Spheres •