Cleartext HTTP Resolution Vulnerability in Grails before 3.3.10

Cleartext HTTP Resolution Vulnerability in Grails before 3.3.10

CVE-2019-12728 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notification service. NOTE: users' apps were not resolving dependencies over cleartext HTTP.

Learn more about our User Device Pen Test.