CVE-2019-11404
Published
CVSS v3
N/A
CVSS v2
4.3
MEDIUM
Affected
2
PROJECTS
Description
arrow-kt Arrow before 0.9.0 resolved Gradle build artifacts (for compiling and building the published JARs) over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by an MITM attack.
The perfect companion for your Kotlin journey - Inspired by functional, data-oriented and concurrent programming
GitHubΛNK: Compile time docs verification and evaluation for Kotlin and Java (Temporarily moved to Arrow-kt)
GitHub