CVE Security Report - SICS Java Launcher
The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community.
| Name | Description | CWE | CVSS v2.0 Severity | CVSS v3.0 Severity | Dependency |
|---|---|---|---|---|---|
| CVE-2020-27225 | In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process. | CWE-306 | MEDIUM | HIGH | org.eclipse.jface-3.22.0.jar |
| CVE-2020-27225 | In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process. | CWE-306 | MEDIUM | HIGH | org.eclipse.swt.win32.win32.x86_64-3.115.100.jar |
This report was generated 23.03.2021, 06:08:49 UTC, using dependency-check version: 6.0.3.