Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-17560

Опубликовано: 30 мар. 2020
Источник: debian

Описание

The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the download, potentially injecting malicious code. “Apache NetBeans" versions up to and including 11.2 are affected by this vulnerability.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
netbeansfixed12.1-1package

Примечания

  • Debian packages updated via apt, starting with 12.1 only some classes are shipped

Связанные уязвимости

ubuntu логотип

CVE-2019-17560

CVSS3: 9.1
ubuntu
почти 6 лет назад

The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the download, potentially injecting malicious code. “Apache NetBeans" versions up to and including 11.2 are affected by this vulnerability.

nvd логотип

CVE-2019-17560

CVSS3: 9.1
nvd
почти 6 лет назад

The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the download, potentially injecting malicious code. “Apache NetBeans" versions up to and including 11.2 are affected by this vulnerability.

github логотип

GHSA-7c2m-vwxw-5qww

CVSS3: 9.1
github
больше 3 лет назад

Improper Certificate Validation in Apache Netbeans

fstec логотип

BDU:2020-04509

CVSS3: 9.1
fstec
почти 6 лет назад

Уязвимость системы обновления среды разработки приложений Apache NetBeans, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации

oracle-oval логотип

ELSA-2020-5807

oracle-oval
больше 5 лет назад

ELSA-2020-5807: GraalVM Security update (IMPORTANT)