Eclipse Eclipse Dataspace Components — known CVE vulnerabilities
Every CVE whose affected-product data names Eclipse Eclipse Dataspace Components, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2024-8642 — CVSS 8.1 (high): In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not…
CVE-2024-9202 — CVSS 5.3 (medium): In Eclipse Dataspace Components versions 0.1.3 to 0.9.0, the Connector component filters which datasets (= data offers) another party can…