CVE-2019-11404
Summary: CVE-2019-11404 affects arrow-kt Arrow before 0.9.0, where Gradle build artifacts for publishing the JARs were resolved over HTTP instead of HTTPS. This creates a risk that dependent artifacts could be maliciously modified via MITM during download. What is affected: The Arrow Kotlin libra...