Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2021-2005.NASL
HistoryJul 16, 2021 - 12:00 a.m.

openSUSE 15 Security Update : jetty-minimal (openSUSE-SU-2021:2005-1)

2021-07-1600:00:00
This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2005-1 advisory.

  • In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory.
    (CVE-2021-28163)

  • In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. (CVE-2021-28164)

  • In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame. (CVE-2021-28165)

  • For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to /concat?/%2557EB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. (CVE-2021-28169)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from
# openSUSE Security Update openSUSE-SU-2021:2005-1. The text itself
# is copyright (C) SUSE.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(151741);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/01/20");

  script_cve_id(
    "CVE-2021-28163",
    "CVE-2021-28164",
    "CVE-2021-28165",
    "CVE-2021-28169"
  );

  script_name(english:"openSUSE 15 Security Update : jetty-minimal (openSUSE-SU-2021:2005-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in
the openSUSE-SU-2021:2005-1 advisory.

  - In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a
    webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp,
    inadvertently serving the webapps themselves and anything else that might be in that directory.
    (CVE-2021-28163)

  - In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with
    URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For
    example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive
    information regarding the implementation of a web application. (CVE-2021-28164)

  - In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can
    reach 100% upon receiving a large invalid TLS frame. (CVE-2021-28165)

  - For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the
    ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For
    example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal
    sensitive information regarding the implementation of a web application. (CVE-2021-28169)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1184366");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1184367");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1184368");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187117");
  # https://lists.opensuse.org/archives/list/[email protected]/thread/U4KKN3NUA6VAZ6XTFLI3KB3IHAPVD46L/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a7c84753");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-28163");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-28164");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-28165");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-28169");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-28169");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"d2_elliot_name", value:"Jetty WEB-INF File Disclosure");
  script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/04/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/07/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/07/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-annotations");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-continuation");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-http");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-io");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-jaas");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-javax-websocket-client-impl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-javax-websocket-server-impl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-jmx");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-jndi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-jsp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-minimal-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-openid");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-plus");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-proxy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-security");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-servlet");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-util");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-util-ajax");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-webapp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-websocket-api");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-websocket-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-websocket-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-websocket-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-websocket-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-websocket-servlet");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:jetty-xml");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.3");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item('Host/SuSE/release');
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, 'openSUSE');
os_ver = pregmatch(pattern: "^SUSE([\d.]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');
os_ver = os_ver[1];
if (release !~ "^(SUSE15\.3)$") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);

pkgs = [
    {'reference':'jetty-annotations-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-client-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-continuation-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-http-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-io-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-jaas-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-javax-websocket-client-impl-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-javax-websocket-server-impl-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-jmx-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-jndi-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-jsp-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-minimal-javadoc-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-openid-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-plus-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-proxy-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-security-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-server-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-servlet-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-util-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-util-ajax-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-webapp-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-websocket-api-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-websocket-client-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-websocket-common-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-websocket-javadoc-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-websocket-server-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-websocket-servlet-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'jetty-xml-9.4.42-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}
];

flag = 0;
foreach package_array ( pkgs ) {
  reference = NULL;
  release = NULL;
  cpu = NULL;
  rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) release = package_array['release'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && release) {
    if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jetty-annotations / jetty-client / jetty-continuation / jetty-http / etc');
}
VendorProductVersionCPE
novellopensusejetty-annotationsp-cpe:/a:novell:opensuse:jetty-annotations
novellopensusejetty-clientp-cpe:/a:novell:opensuse:jetty-client
novellopensusejetty-continuationp-cpe:/a:novell:opensuse:jetty-continuation
novellopensusejetty-httpp-cpe:/a:novell:opensuse:jetty-http
novellopensusejetty-iop-cpe:/a:novell:opensuse:jetty-io
novellopensusejetty-jaasp-cpe:/a:novell:opensuse:jetty-jaas
novellopensusejetty-javax-websocket-client-implp-cpe:/a:novell:opensuse:jetty-javax-websocket-client-impl
novellopensusejetty-javax-websocket-server-implp-cpe:/a:novell:opensuse:jetty-javax-websocket-server-impl
novellopensusejetty-jmxp-cpe:/a:novell:opensuse:jetty-jmx
novellopensusejetty-jndip-cpe:/a:novell:opensuse:jetty-jndi
Rows per page:
1-10 of 291

Related

suse 1
nessus 17
ibm 37
redhat 16
attackerkb 1
cve 5
osv 14
prion 5
github 5
srcincite 1
f5 2
freebsd 1
veracode 4
debiancve 5
atlassian 1
ubuntucve 5
debian 1
githubexploit 3
fedora 3
seebug 1
amazon 1
redhatcve 5
nuclei 3
packetstorm 1
dsquare 1
zdt 1
exploitdb 1
metasploit 1
rapid7blog 1
oracle 5
suse
suse
Security update for jetty-minimal (important)
2021-07-11 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : jetty-minimal (SUSE-SU-2021:2005-1)
2021-06-21 00:00:00
Jetty 11.0.x < 11.0.2 Multiple Vulnerabilities
2021-10-04 00:00:00
RHEL 7 : rh-eclipse-jetty (RHSA-2021:1509)
2021-05-06 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect IBM Installation Manager and IBM Packaging Utility
2021-06-24 16:12:12
Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Eclipse Jetty (CVE-2021-28163, CVE-2021-28164, CVE-2021-28165)
2021-06-15 19:15:39
Security Bulletin: Vulnerabilities in Eclipse Jetty affect Rational Performance Tester (CVE-2021-28169, CVE-2021-34428, CVE-2021-28163, CVE-2021-28164, CVE-2021-34429, CVE-2021-28165)
2022-07-29 20:31:30
redhat
redhat
(RHSA-2021:1560) Moderate: Red Hat AMQ Streams 1.6.4 release and security update
2021-05-13 15:12:11
(RHSA-2021:1509) Moderate: rh-eclipse-jetty security update
2021-05-05 13:15:00
(RHSA-2021:3225) Moderate: Red Hat AMQ Streams 1.8.0 release and security update
2021-08-19 07:14:27
attackerkb
attackerkb
CVE-2021-28169
2021-06-09 00:00:00
cve
cve
CVE-2021-28165
2021-04-01 15:15:00
CVE-2021-28169
2021-06-09 02:15:00
CVE-2021-28163
2021-04-01 15:15:00
osv
osv
jetty9 - security update
2021-06-17 00:00:00
Jetty Utility Servlets ConcatServlet Double Decoding Information Disclosure Vulnerability
2021-06-10 15:43:22
BIT-jenkins-2021-28165
2024-03-06 10:58:50
prion
prion
Design/Logic Flaw
2021-04-01 15:15:00
Path traversal
2021-06-09 02:15:00
Design/Logic Flaw
2021-04-01 15:15:00
github
github
Jetty Utility Servlets ConcatServlet Double Decoding Information Disclosure Vulnerability
2021-06-10 15:43:22
Jetty vulnerable to incorrect handling of invalid large TLS frame, exhausting CPU resources
2021-04-06 17:31:30
Directory exposure in jetty
2021-04-06 17:32:00
srcincite
srcincite
SRC-2021-0017 : Jetty Utility Servlets ConcatServlet Double Decoding Information Disclosure Vulnerability
2021-05-05 00:00:00
f5
f5
K15338344 : Eclipse Jetty vulnerability CVE-2021-28165
2021-10-15 00:00:00
K51048910 : Eclipse Jetty vulnerability CVE-2021-28169
2022-04-06 00:00:00
freebsd
freebsd
jenkins -- Denial of service vulnerability in bundled Jetty
2021-04-20 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-04-07 05:52:43
Information Disclosure
2021-06-11 07:28:32
Directory Traversal
2021-04-05 05:36:11
debiancve
debiancve
CVE-2021-28165
2021-04-01 15:15:00
CVE-2021-28169
2021-06-09 02:15:00
CVE-2021-28163
2021-04-01 15:15:00
atlassian
atlassian
DoS (Denial of Service) org.eclipse.jetty:jetty-io in Jira Software Data Center and Server
2023-09-26 16:17:04
ubuntucve
ubuntucve
CVE-2021-28169
2021-06-09 00:00:00
CVE-2021-28165
2021-04-01 00:00:00
CVE-2021-28163
2021-04-01 00:00:00
debian
debian
[SECURITY] [DLA 2688-1] jetty9 security update
2021-06-17 18:46:57
githubexploit
githubexploit
Exploit for CVE-2021-28169
2023-10-31 10:46:23
Exploit for CVE-2021-28169
2023-11-27 07:25:34
Exploit for Improper Handling of Exceptional Conditions in Eclipse Jetty
2023-10-31 10:39:28
fedora
fedora
[SECURITY] Fedora 34 Update: jetty-9.4.40-1.fc34
2021-04-30 00:55:53
[SECURITY] Fedora 32 Update: jetty-9.4.40-1.fc32
2021-04-29 01:22:35
[SECURITY] Fedora 33 Update: jetty-9.4.40-1.fc33
2021-04-29 00:58:05
seebug
seebug
Eclipse Jetty 信息泄露漏洞(CVE-2021-28169)
2021-06-09 00:00:00
amazon
amazon
Medium: jetty
2024-01-03 21:04:00
redhatcve
redhatcve
CVE-2021-28165
2021-04-01 18:17:35
CVE-2021-28169
2021-06-11 17:12:18
CVE-2021-28164
2021-04-01 18:17:28
nuclei
nuclei
Eclipse Jetty ConcatServlet - Information Disclosure
2021-06-24 16:00:02
Eclipse Jetty - Information Disclosure
2021-06-09 06:07:03
Eclipse Jetty - Information Disclosure
2021-07-22 09:53:19
packetstorm
packetstorm
Jetty 9.4.37.v20210219 Information Disclosure
2021-10-22 00:00:00
dsquare
dsquare
Jetty WEB-INF File Disclosure
2021-05-07 00:00:00
zdt
zdt
Jetty 9.4.37.v20210219 - Information Disclosure Vulnerability
2021-10-22 00:00:00
exploitdb
exploitdb
Jetty 9.4.37.v20210219 - Information Disclosure
2021-10-22 00:00:00
metasploit
metasploit
Jetty WEB-INF File Disclosure
2021-11-08 19:04:08
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-11-19 19:51:17
oracle
oracle
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00
Oracle Critical Patch Update Advisory - January 2022
2022-01-18 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
JSON
Related for OPENSUSE-2021-2005.NASL
suse1nessus17ibm37redhat16attackerkb1cve5osv14prion5github5srcincite1f52freebsd1veracode4debiancve5atlassian1ubuntucve5debian1githubexploit3fedora3seebug1amazon1redhatcve5nuclei3packetstorm1dsquare1zdt1exploitdb1metasploit1rapid7blog1oracle5