CVE-2019-17561
Description
The Apache NetBeans autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. Apache NetBeans versions up to and including 11.2 are affected by this vulnerability.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.73
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-17561,CVE-2019-17560 are affected in Codehaus - netbeans 3.1.4 | Windows |
| Vulnerabilities CVE-2019-17561,CVE-2019-17560 are affected in Codehaus - netbeans for Linux 3.1.4 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234