Total
42 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36518 | 4 Debian, Fasterxml, Netapp and 1 more | 36 Debian Linux, Jackson-databind, Active Iq Unified Manager and 33 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. | |||||
| CVE-2020-27223 | 5 Apache, Debian, Eclipse and 2 more | 16 Nifi, Solr, Spark and 13 more | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. | |||||
| CVE-2020-27218 | 5 Apache, Debian, Eclipse and 2 more | 17 Kafka, Spark, Debian Linux and 14 more | 2024-11-21 | 5.8 MEDIUM | 4.8 MEDIUM |
| In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request. | |||||
| CVE-2020-27216 | 6 Apache, Debian, Eclipse and 3 more | 19 Beam, Debian Linux, Jetty and 16 more | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. | |||||
| CVE-2020-13954 | 3 Apache, Netapp, Oracle | 6 Cxf, Snap Creator Framework, Vasa Provider For Clustered Data Ontap and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This vulnerability affects all versions of Apache CXF prior to 3.4.1 and 3.3.8. Please note that this is a separate issue to CVE-2019-17573. | |||||
| CVE-2020-12723 | 5 Fedoraproject, Netapp, Opensuse and 2 more | 16 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 13 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. | |||||
| CVE-2020-11022 | 8 Debian, Drupal, Fedoraproject and 5 more | 78 Debian Linux, Drupal, Fedora and 75 more | 2024-11-21 | 4.3 MEDIUM | 6.9 MEDIUM |
| In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. | |||||
| CVE-2020-10878 | 5 Fedoraproject, Netapp, Opensuse and 2 more | 17 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 14 more | 2024-11-21 | 7.5 HIGH | 8.6 HIGH |
| Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. | |||||
| CVE-2020-10683 | 5 Canonical, Dom4j Project, Netapp and 2 more | 38 Ubuntu Linux, Dom4j, Oncommand Api Services and 35 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. | |||||
| CVE-2019-10247 | 4 Debian, Eclipse, Netapp and 1 more | 26 Debian Linux, Jetty, Element and 23 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context. | |||||
| CVE-2019-10246 | 4 Eclipse, Microsoft, Netapp and 1 more | 26 Jetty, Windows, Element and 23 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories. | |||||
| CVE-2018-18314 | 5 Canonical, Debian, Netapp and 2 more | 8 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 5 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |||||
| CVE-2018-18313 | 6 Apple, Canonical, Debian and 3 more | 9 Mac Os X, Ubuntu Linux, Debian Linux and 6 more | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. | |||||
| CVE-2018-18312 | 5 Canonical, Debian, Netapp and 2 more | 8 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 5 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |||||
| CVE-2018-18311 | 8 Apple, Canonical, Debian and 5 more | 18 Mac Os X, Ubuntu Linux, Debian Linux and 15 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |||||
| CVE-2018-12538 | 2 Eclipse, Netapp | 12 Jetty, E-series Santricity Management Plug-ins, E-series Santricity Os Controller and 9 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore. | |||||
| CVE-2018-12015 | 6 Apple, Archive\, Canonical and 3 more | 9 Mac Os X, \, Ubuntu Linux and 6 more | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | |||||
| CVE-2018-11784 | 6 Apache, Canonical, Debian and 3 more | 15 Tomcat, Ubuntu Linux, Debian Linux and 12 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. | |||||
| CVE-2018-1000632 | 5 Debian, Dom4j Project, Netapp and 2 more | 15 Debian Linux, Dom4j, Oncommand Workflow Automation and 12 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later. | |||||
| CVE-2017-7658 | 5 Debian, Eclipse, Hp and 2 more | 20 Debian Linux, Jetty, Xp P9000 and 17 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization. | |||||