CVE-2019-10248
CVE-2019-10248 affects Eclipse Vorto prior to 0.11. Maven build artifacts for the Xtext project were resolved over HTTP rather than HTTPS, enabling potential MITM tampering of dependency artifacts. This could allow infected build artifacts to be produced. The issue is tied to the build/download c...