CVE-2019-10101

Опубликовано: 03 июл. 2019

Источник: nvd

CVSS3: 8.1

CVSS2: 6.8

EPSS Низкий

Описание

JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.

Ссылки

https://blog.jetbrains.com/blog/2019/06/19/jetbrains-security-bulletin-q1-2019/
Vendor Advisory
https://medium.com/bugbountywriteup/want-to-take-over-the-java-ecosystem-all-you-need-is-a-mitm-1fc329d898fb
Exploit
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230818-0012/
https://blog.jetbrains.com/blog/2019/06/19/jetbrains-security-bulletin-q1-2019/
Vendor Advisory
https://medium.com/bugbountywriteup/want-to-take-over-the-java-ecosystem-all-you-need-is-a-mitm-1fc329d898fb
Exploit
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230818-0012/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jetbrains:kotlin:*:*:*:*:*:*:*:*

Версия до 1.3.30 (исключая)

EPSS

Процентиль: 1%

0.00012

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-319

Связанные уязвимости

CVE-2019-10101

CVSS3: 8.1

debian

больше 6 лет назад

JetBrains Kotlin versions before 1.3.30 were resolving artifacts using ...

GHSA-p2g6-rgr3-jm3m

CVSS3: 8.1

github

больше 3 лет назад

JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.

EPSS

Процентиль: 1%

0.00012

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-319