cvedb.io
CVE-2019-10248
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2019-04-22T21:29:00.257 · Last modified 2026-06-17T02:10:34.537

Summary

Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of Vorto might be infected.

Affected products

eclipse — vorto

Does this affect you?

Add your gear to cvedb and we'll alert you only when eclipse ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.