Lucene search
EclipseCVELIST:CVE-2020-27225HistoryMar 09, 2021 - 6:15 p.m.
CVE-2020-27225
2021-03-0918:15:16
CWE-306
eclipse
www.cve.org
In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process.
CNA Affected
[
{
"product": "Eclipse Platform",
"vendor": "The Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "4.18",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
redhatcve
redhatcve
CVE-2020-27225
2021-03-16 18:02:16
ubuntucve
ubuntucve
CVE-2020-27225
2021-03-09 00:00:00
suse
suse
Security update for eclipse (important)
2021-03-30 00:00:00
debiancve
debiancve
CVE-2020-27225
2021-03-09 19:15:00
ibm
ibm
prion
prion
Design/Logic Flaw
2021-03-09 19:15:00
nessus
nessus
openSUSE Security Update : eclipse (openSUSE-2021-485)
2021-04-05 00:00:00
RHEL 6 : eclipse (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 8 : eclipse (Unpatched Vulnerability)
2024-06-03 00:00:00
veracode
veracode
Privilege Escalation
2021-11-01 22:52:42
openvas
openvas
openSUSE: Security Advisory for eclipse (openSUSE-SU-2021:0485-1)
2021-04-16 00:00:00
Mageia: Security Advisory (MGASA-2021-0591)
2022-01-28 00:00:00
cve
cve
CVE-2020-27225
2021-03-09 19:15:12
mageia
mageia
Updated eclipse packages fix security vulnerability
2021-12-30 19:41:51
nvd
nvd
CVE-2020-27225
2021-03-09 19:15:12