CVE-2019-17561

Summary

The "Apache NetBeans" autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. "Apache NetBeans" versions up to and including 11.2 are affected by this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aApache NetBeansthrough 11.2affected

Weaknesses

  • Improper Validation of Integrity Check Value

ADP Enrichment

CVE Program Container

Additional References

References