漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
In all released versions of Eclipse Equinox, at least until version 4.21 (September 2021), installation can be vulnerable to man-in-the-middle attack if using p2 repos that are HTTP; that can then be exploited to serve incorrect p2 metadata and entirely alter the local installation, particularly by installing plug-ins that may then run malicious code.
CVSS Information
N/A
Vulnerability Type
通道可被非端点访问(中间人攻击)
Vulnerability Title
Eclipse Equinox 安全漏洞
Vulnerability Description
Eclipse Equinox是Eclipse基金会的一个子项目,提供OSGi R4.x 核心框架规范的认证实现。 Eclipse Equinox 4.21之前版本存在安全漏洞,该漏洞源于如果使用HTTP的p2存储库,安装可能容易受到中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A