Eclipse Hawkbit
Approved changes feed: RSS · Atom
cpe:2.3:a:the_eclipse_foundation:eclipse_hawkbit:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | The Eclipse Foundation (bb2d55d2-5306-5bc8-beb2-981f5d5392e4) |
|---|---|
| Product | Eclipse Hawkbit (9dfa70b4-df77-5258-bacb-5a67ef092d7f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-27219 |
vulnerable | 2026-06-03 14:42:17.844340 |
Details available
In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non existing resource will return the full path from the given URL unescaped to the client.
Published: 2021-01-14T22:20:13.000Z
Updated: 2024-08-04T16:11:36.119Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-10240 |
vulnerable | 2026-06-03 14:39:21.953977 |
Details available
Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected.
Published: 2019-04-03T18:04:29.000Z
Updated: 2024-08-04T22:17:19.603Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.