Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected.
                
            Metrics
Affected Vendors & Products
References
        | Link | Providers | 
|---|---|
| https://bugs.eclipse.org/bugs/show_bug.cgi?id=546053 |     | 
History
                    No history.
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: eclipse
Published: 2019-04-03T18:04:29
Updated: 2024-08-04T22:17:19.603Z
Reserved: 2019-03-27T00:00:00
Link: CVE-2019-10240
 Vulnrichment
                        Vulnrichment
                    No data.
 NVD
                        NVD
                    Status : Modified
Published: 2019-04-03T18:29:17.503
Modified: 2024-11-21T04:18:43.300
Link: CVE-2019-10240
 Redhat
                        Redhat
                    No data.