RSS   Vulnerabilities for 'Arrow'   RSS

2019-04-22
 
CVE-2019-11404

CWE-254
 

 
arrow-kt Arrow before 0.9.0 resolved Gradle build artifacts (for compiling and building the published JARs) over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by an MITM attack.

 


Copyright 2019, cxsecurity.com

 

Back to Top