Lucene search

CVE-2021-41037

🗓️ 08 Jul 2022 03:37:50Reported by eclipseType

Insecure touchpoints in Eclipse p2 can run malicious code during installation without warnin

Reporter	Title	Published	Views	Family All 4
CVE	CVE-2021-41037	8 Jul 202204:15	–	cve
Cvelist	CVE-2021-41037	8 Jul 202203:50	–	cvelist
NVD	CVE-2021-41037	8 Jul 202204:15	–	nvd
Prion	Code injection	8 Jul 202204:15	–	prion

[
  {
    "cpes": [
      "cpe:2.3:a:eclipse:equinox_p2:*:*:*:*:*:*:*:*"
    ],
    "vendor": "eclipse",
    "product": "equinox_p2",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.0",
        "lessThan": "4.28",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
github	www.github.com/eclipse-equinox/p2/issues/235
bugs	www.bugs.eclipse.org/bugs/show_bug.cgi

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Jul 2022 03:50Current

6.9Medium risk

Vulners AI Score6.9

CVSS310

SSVC

CWE-829

eclipse p2 touchpoints installation security insufficient signatures risky source