Browse all 14 CVE security advisories affecting Eclipse. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Eclipse serves as a comprehensive integrated development environment (IDE) primarily used for software development across multiple programming languages. Historically, it has been susceptible to various vulnerability classes, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, often stemming from its extensive plugin architecture and complex codebase. Security researchers have identified over 14 CVEs, with notable incidents involving insecure deserialization flaws and improper input validation in core components. Its modular nature, while providing flexibility, introduces potential attack surfaces through third-party extensions. Regular security updates are essential for maintaining secure development environments using this platform.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-36022 | Some Deeplearning4J packages use unclaimed s3 bucket in tests and examples — deeplearning4jCWE-344 | 5.3 | Medium | 2022-11-10 |
This page lists every published CVE security advisory associated with Eclipse. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.