cvedb.io
CVE-2019-10244
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2019-04-09T16:29:01.587 · Last modified 2026-06-17T02:10:33.850

Summary

In Eclipse Kura versions up to 4.0.0, the Web UI package and component services, the Artemis simple Mqtt component and the emulator position service (not part of the device distribution) could potentially be target of XXE attack due to an improper factory and parser initialisation.

Affected products

eclipse — kura

Does this affect you?

Add your gear to cvedb and we'll alert you only when eclipse ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.