Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the download, potentially injecting malicious code. “Apache NetBeans" versions up to and including 11.2 are affected by this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache NetBeans 信任管理问题漏洞
Vulnerability Description
Apache NetBeans是美国阿帕奇(Apache)软件基金会的一套软件开发平台。该平台支持Java、C语言/C++、PHP和HTML5等程序的开发 Apache NetBeans 11.2及之前版本中存在安全漏洞,该漏洞源于在通过HTTPS协议进行下载时,程序没有验证SSL证书和主机名。攻击者可利用该漏洞拦截自动更新下载并进行修改,注入恶意代码。
CVSS Information
N/A
Vulnerability Type
N/A