GCVE - cpe:2.3:a:eclipse_foundation:org.eclipse.core.runtime:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:eclipse_foundation:org.eclipse.core.runtime:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Eclipse Foundation (`2c315c48-0111-5572-bbde-cc70cfafb2e9`)
Product	Org.Eclipse.Core.Runtime (`3d01c969-0d5c-5fa1-8cea-f06765dcec43`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-4218`	vulnerable	2026-06-03 14:53:27.567516	XXE in eclipse.platform / Eclipse IDE MEDIUM (5) In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch). Published: 2023-11-09T08:26:51.567Z Updated: 2024-09-03T19:26:14.225Z Open on db.gcve.eu Reference links https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/8 https://github.com/eclipse-pde/eclipse.pde/pull/632/ https://github.com/eclipse-pde/eclipse.pde/pull/667/ https://github.com/eclipse-platform/eclipse.platform/pull/761 https://github.com/eclipse-platform/eclipse.platform.releng.buildtools/pull/45	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.