Lucene search

CVE-2021-28168

🗓️ 22 Apr 2021 18:08:15Reported by eclipseType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 126 Views

Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 local information disclosure vulnerabilit

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 20
UbuntuCve	CVE-2021-28168	22 Apr 202100:00	–	ubuntucve
OSV	CVE-2021-28168	22 Apr 202118:15	–	osv
OSV	GHSA-C43Q-5HPJ-4CRV Local information disclosure via system temporary directory	23 Apr 202116:55	–	osv
Prion	Information disclosure	22 Apr 202118:15	–	prion
IBM Security Bulletins	Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to information disclosure vulnerability due to org.glassfish.jersey.core_jersey-common (CVE-2021-28168)	6 Jun 202306:31	–	ibm
IBM Security Bulletins	Security Bulletin: Common vulnerabilities fixed in Cloudera Data Platform 7.1.9 HF2	7 May 202419:52	–	ibm
IBM Security Bulletins	Security Bulletin: Mutiple Vulnerabilties Affecting Watson Machine Learning Accelerator on Cloud Pak for Data version	13 Nov 202315:22	–	ibm
IBM Security Bulletins	Security Bulletin: Netcool Operations Insight v1.6.7 contains fixes for multiple security vulnerabilities.	15 Dec 202209:13	–	ibm
Cvelist	CVE-2021-28168	22 Apr 202117:35	–	cvelist
RedhatCVE	CVE-2021-28168	23 Apr 202118:58	–	redhatcve

Nvd

Node

eclipse jerseyRange2.28–2.34

eclipse jerseyRange3.0.0–3.0.2

Node

oracle communications_cloud_native_core_policyMatch1.15.0

oracle communications_cloud_native_core_unified_data_repositoryMatch1.15.0

[
  {
    "product": "Eclipse Jersey",
    "vendor": "The Eclipse Foundation",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "2.28",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "2.33",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "3.0.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "3.0.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/eclipse-ee4j/jersey/pull/4712
github	www.github.com/eclipse-ee4j/jersey/security/advisories/GHSA-c43q-5hpj-4crv
lists	www.lists.apache.org/thread.html/rafc3c4cee534f478cbf8acf91e48373e291a21151f030e8132662a7b%40%3Cjira.kafka.apache.org%3E
lists	www.lists.apache.org/thread.html/ra2722171d569370a9e15147d9f3f6138ad9a188ee879c0156aa2d73a%40%3Cjira.kafka.apache.org%3E
lists	www.lists.apache.org/thread.html/rc6221670de35b819fe191e7d8f2d17bc000549bd554020cec644b71e%40%3Cjira.kafka.apache.org%3E
lists	www.lists.apache.org/thread.html/r4066176a7352e021d7a81af460044bde8d57f40e98f8e4a31923af3a%40%3Cjira.kafka.apache.org%3E
lists	www.lists.apache.org/thread.html/ra3d7cd37fc794981a885332af2f8df0d873753380ea19935d6d847fc%40%3Cdev.kafka.apache.org%3E
lists	www.lists.apache.org/thread.html/r6dadc8fe82071aba841d673ffadf34728bff4357796b1990a66e3af1%40%3Ccommits.kafka.apache.org%3E
oracle	www.oracle.com/security-alerts/cpuapr2022.html
lists	www.lists.apache.org/thread.html/r42fef440487a04cf5e487a9707ef5119d2dd5b809919f25ef4296fc4%40%3Cjira.kafka.apache.org%3E

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Apr 2021 18:15Current

6.3Medium risk

Vulners AI Score6.3

CVSS22.1

CVSS35.5 - 6.2

EPSS0.00158

cve-2021-28168 eclipse jersey information disclosure vulnerability nvd security file.createtempfile