Linux Distros Unpatched Vulnerability : CVE-2019-10753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse- cdt, and all versions prior to version 3.0.1 for...

Fedora: Security Advisory for eclipse-cdt (FEDORA-2020-cf8ef2f333)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: eclipse-cdt-9.11.1-8.fc32

Eclipse features and plugins that are useful for C and C++ development...

Incorrect Resource Transfer Between Spheres in eclipse-wtp

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a maliciou...

Man-in-the-Middle (MitM)

spotless-eclipse-groovy, spotless-eclipse-cdt and spotless-eclipse-wtp is vulnerable to man-in-the-middle MitM. The build files in the project resolve dependencies over an insecure HTTP channel. A remote attacker could potentially modify and include malicious code in the build artifacts. Should t...

Design/Logic Flaw

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a maliciou...

CVE-2019-10753

CVE-2019-10753 details a vulnerability in Spotless where dependencies were resolved over HTTP in affected Eclipse tooling: eclipse-wtp <3.9.6, eclipse-cdt <9.4.4, and eclipse-groovy

Unsafe Dependency Resolution

Overview com.diffplug.gradle.spotless:spotless-eclipse-cdt is a code formatting library. Affected versions of this package are vulnerable to Unsafe Dependency Resolution due to resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a malicious use...

Oracle: Security Advisory (ELSA-2011-0568)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...