Skip to content

Apache Cordova App Harness Targeted in Dependency Confusion Attack

  • by

Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness.
Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the same name to a public package repository.

Leave a Reply

Your email address will not be published. Required fields are marked *