Eclipse Equinox is a sub-project of the Eclipse Foundation that provides a certified implementation of the OSGi R4.x core framework specification. versions prior to Eclipse Equinox 4.21 have a security vulnerability that stems from the fact that if a p2 repository with HTTP is used, an attacker could exploit the vulnerability to install a potentially vulnerable man-in-the-middle attack.
CPE | Name | Operator | Version |
---|---|---|---|
eclipse equinox | lt | 4.21 |