Vulnerabilities > Eclipse > EDC Connector
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-07 | CVE-2024-4536 | Insufficiently Protected Credentials vulnerability in Eclipse EDC Connector In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, in the EDC Connector component ( https://github.com/eclipse-edc/Connector ), an attacker might obtain OAuth2 client secrets from the vault. In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, we have identified a security vulnerability in the EDC Connector component ( https://github.com/eclipse-edc/Connector ) regarding the OAuth2-protected data sink feature. | 5.3 |