Filtered by vendor Eclipse
Subscribe
Total
234 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-26049 | 3 Debian, Eclipse, Netapp | 6 Debian Linux, Jetty, Active Iq Unified Manager and 3 more | 2024-11-21 | N/A | 2.4 LOW |
| Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE="b; JSESSIONID=1337; c=d"` will be parsed as one cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337; c=d instead of 3 separate cookies. This has security implications because if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie value is rendered on the page, an attacker can smuggle the JSESSIONID cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server or its logging system. This issue has been addressed in versions 9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2023-26048 | 1 Eclipse | 1 Jetty | 2024-11-21 | N/A | 5.3 MEDIUM |
| Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). | |||||
| CVE-2023-24815 | 1 Eclipse | 1 Vert.x-web | 2024-11-21 | N/A | 4.8 MEDIUM |
| Vert.x-Web is a set of building blocks for building web applications in the java programming language. When running vertx web applications that serve files using `StaticHandler` on Windows Operating Systems and Windows File Systems, if the mount point is a wildcard (`*`) then an attacker can exfiltrate any class path resource. When computing the relative path to locate the resource, in case of wildcards, the code: `return "/" + rest;` from `Utils.java` returns the user input (without validation) as the segment to lookup. Even though checks are performed to avoid escaping the sandbox, given that the input was not sanitized `\` are not properly handled and an attacker can build a path that is valid within the classpath. This issue only affects users deploying in windows environments and upgrading is the advised remediation path. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-0809 | 1 Eclipse | 1 Mosquitto | 2024-11-21 | N/A | 5.8 MEDIUM |
| In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. | |||||
| CVE-2022-2838 | 1 Eclipse | 1 Sphinx | 2024-11-21 | N/A | 5.3 MEDIUM |
| In Eclipse Sphinxâ„¢ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests. | |||||
| CVE-2022-2576 | 1 Eclipse | 1 Californium | 2024-11-21 | N/A | 7.5 HIGH |
| In Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a parameter mismatch without using a HelloVerifyRequest. Especially, if used with certificate based cipher suites, that results in message amplification (DDoS other peers) and high CPU load (DoS own peer). The misbehavior occurs only with DTLS_VERIFY_PEERS_ON_RESUMPTION_THRESHOLD values larger than 0. | |||||
| CVE-2022-2191 | 1 Eclipse | 1 Jetty | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths. | |||||
| CVE-2022-2048 | 4 Debian, Eclipse, Jenkins and 1 more | 8 Debian Linux, Jetty, Jenkins and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests. | |||||
| CVE-2022-2047 | 3 Debian, Eclipse, Netapp | 7 Debian Linux, Jetty, Element Plug-in For Vcenter Server and 4 more | 2024-11-21 | 4.0 MEDIUM | 2.7 LOW |
| In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenario. | |||||
| CVE-2022-25897 | 1 Eclipse | 1 Milo | 2024-11-21 | N/A | 5.9 MEDIUM |
| The package org.eclipse.milo:sdk-server before 0.6.8 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False. | |||||
| CVE-2022-0673 | 1 Eclipse | 1 Lemminx | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal. | |||||
| CVE-2022-0672 | 1 Eclipse | 1 Lemminx | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user. | |||||
| CVE-2021-41042 | 1 Eclipse | 1 Lyo | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Eclipse Lyo versions 1.0.0 to 4.1.0, a TransformerFactory is initialized with the defaults that do not restrict DTD loading when working with RDF/XML. This allows an attacker to cause an external DTD to be retrieved. | |||||
| CVE-2021-41041 | 2 Eclipse, Oracle | 2 Openj9, Java Se | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles. | |||||
| CVE-2021-41040 | 1 Eclipse | 1 Wakaama | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Eclipse Wakaama, ever since its inception until 2021-01-14, the CoAP parsing code does not properly sanitize network-received data. | |||||
| CVE-2021-41039 | 1 Eclipse | 1 Mosquitto | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service. | |||||
| CVE-2021-41038 | 1 Eclipse | 1 Theia | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| In versions of the @theia/plugin-ext component of Eclipse Theia prior to 1.18.0, Webview contents can be hijacked via postMessage(). | |||||
| CVE-2021-41037 | 1 Eclipse | 1 Equinox P2 | 2024-11-21 | 6.8 MEDIUM | 10.0 CRITICAL |
| In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. Those touchpoints can, for example, alter the command-line used to start the application, injecting things like agent or other settings that usually require particular attention in term of security. Although p2 has built-in strategies to ensure artifacts are signed and then to help establish trust, there is no such strategy for the metadata part that does configure such touchpoints. As a result, it's possible to install a unit that will run malicious code during installation without user receiving any warning about this installation step being risky when coming from untrusted source. | |||||
| CVE-2021-41036 | 1 Eclipse | 1 Paho Mqtt C\/c\+\+ Client | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In versions prior to 1.1 of the Eclipse Paho MQTT C Client, the client does not check rem_len size in readpacket. | |||||
| CVE-2021-41035 | 1 Eclipse | 1 Openj9 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. | |||||