CVE-2018-12545

🗓️ 04 Apr 2019 06:20:00Reported by redhat.comType

redhatcve

redhatcve🔗 access.redhat.com👁 31 Views

Eclipse Jetty 9.3.x and 9.4.x vulnerable to Denial of Service due to handling large or many small SETTINGs frame

Reporter	Title	Published	Views	Family All 37
IBM Security Bulletins	Security Bulletin: IBM Cognos Analytics is affected by multiple vulnerabilities	15 Apr 202503:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Command Center is affected by multiple vulnerabilities	4 May 202320:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities	7 Oct 202020:49	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect IBM InfoSphere Information Server	11 Sep 201919:44	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Eclipse Jetty affecting Rational Functional Tester	17 Sep 201919:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Process Mining is vulnerable to DOS due to Eclipse Jetty CVE-2018-12545	1 Feb 202321:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Jasper used in Jetty 8.1.3 Server where Rational Synergy is deployed	22 Dec 202018:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Netcool Agile Service Manager is affected by a Jetty vulnerability (CVE-2018-12545)	16 Jul 201905:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities	29 Jun 202123:59	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Protect is vulnerable to multiple attacks due to http2-server and http2-common	21 Jun 202318:13	–	ibm

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-12545
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

24 Jan 2024 16:10Current

3Low risk

Vulners AI Score3

CVSS 25

CVSS 3.17.5

CVSS 33.7

EPSS0.0354

eclipse jetty denial of service settings frames vulnerability