cvedb.io
CVE-2019-10240
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2019-04-03T18:29:17.503 · Last modified 2026-06-17T02:10:33.260

Summary

Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected.

Affected products

eclipse — hawkbit

Does this affect you?

Add your gear to cvedb and we'll alert you only when eclipse ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.