Ktlint Project

ktlint_project

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Ktlint

ktlint

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-1010260 1Ktlint Project 1Ktlint Nov 21, 2024 Apr 2, 2019 N/A· v4 8.1 HIGH· v3 9.3 HIGH· v2 Using ktlint to download and execute custom rulesets can result in arbitrary code execution as the served jars can be compromised by a MITM. This attack is exploitable via Man in the Middle of the HTTP connection to the...Show more Using ktlint to download and execute custom rulesets can result in arbitrary code execution as the served jars can be compromised by a MITM. This attack is exploitable via Man in the Middle of the HTTP connection to the artifact servers. This vulnerability appears to have been fixed in 0.30.0 and later; after commit 5e547b287d6c260d328a2cb658dbe6b7a7ff2261.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2019-1010260

1Ktlint Project

1Ktlint

Nov 21, 2024

Apr 2, 2019

N/A· v4

8.1 HIGH· v3

9.3 HIGH· v2

Using ktlint to download and execute custom rulesets can result in arbitrary code execution as the served jars can be compromised by a MITM. This attack is exploitable via Man in the Middle of the HTTP connection to the artifact servers. This vulnerability appears to have been fixed in 0.30.0 and later; after commit 5e547b287d6c260d328a2cb658dbe6b7a7ff2261.Show less