CVE-2019-10249

All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised.
References
Link Resource
https://github.com/eclipse/xtext-xtend/issues/759 Exploit Issue Tracking
https://bugs.eclipse.org/bugs/show_bug.cgi?id=546996 Issue Tracking Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:eclipse:xtend:*:*:*:*:*:*:*:*
cpe:2.3:a:eclipse:xtext:*:*:*:*:*:*:*:*

Information

Published : 2019-05-06 04:29

Updated : 2020-10-02 02:37


NVD link : CVE-2019-10249

Mitre link : CVE-2019-10249

Products Affected
No products.
CWE
CWE-116

Improper Encoding or Escaping of Output