
20 matches found

Tenable Nessus
added 2026/05/06 12:0 a.m., 9 views

RHCOS 4 : OpenShift Container Platform 4.6.36 (RHSA-2021:2499)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2499 advisory. - jetty: local temporary directory hijacking vulnerability CVE-2020-27216 - jetty: buffer not correctly recycled in Gzip Request...

CVSS: 7, AI score: 6.9, EPSS: 0.7795
Exploits: 1, References: 9
IBM Security Bulletins
added 2026/03/11 8:59 p.m., 13 views

Security Bulletin: Due to the use of jetty IBM webMethods BPM is vulnerable to multiple vulnerabilities

Summary IBM webMethods BPM is dependent on jetty which is affected by known vulnerabilities CVE-2020-27223, CVE-2021-28169, CVE-2022-2047, CVE-2023-26049, CVE-2023-36478, CVE-2023-40167 Vulnerability Details CVEID:CVE-2020-27223 DESCRIPTION: In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114...

CVSS: 7.5, AI score: 6, EPSS: 0.7848
Exploits: 4, Affected Software: 1
Tenable Nessus
added 2025/03/04 12:0 a.m., 13 views

Linux Distros Unpatched Vulnerability : CVE-2020-27223

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 inclusive, 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large...

CVSS: 5.3, AI score: 6.9, EPSS: 0.7795
Exploits: 0, References: 3
Tenable Nessus
added 2024/06/03 12:0 a.m., 45 views

RHEL 8 : jetty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jetty: local temporary directory hijacking vulnerability CVE-2020-27216 - jetty: buffer not correctly...

CVSS: 7, AI score: 7.3, EPSS: 0.08113
Exploits: 1, References: 3
IBM Security Bulletins
added 2024/05/07 7:54 p.m., 58 views

Security Bulletin: Common vulnerabilities fixed in Cloudera Data Platform 7.1.9 HF2

Summary Fixes to common vulnerabilities discovered in Cloudera Data Platform 7.1.9 are available to download from Cloudera. Vulnerability Details CVEID:CVE-2021-28170 DESCRIPTION: Eclipse EE4J Jakarta Expression Language could allow a remote attacker to bypass security restrictions, caused by a...

CVSS: 7.3, AI score: 7.4, EPSS: 0.7795
Exploits: 3, Affected Software: 1
Broadcom
added 2024/05/01 12:0 a.m., 14 views

Statement on Jetty vulnerabilities in Brocade SANnav

A Security Researcher performing penetration testing raises CVEs in the Jetty version used by Brocade SANnav v2.1.1. Brocade Statement All supported versions of Brocade SANnav do not directly use Jetty. The code is present within some versions of the SANnav product as it is contained within other...

CVSS: 9.4, AI score: 5.8, EPSS: 0.99298
Exploits: 19
IBM Security Bulletins
added 2021/07/30 5:6 a.m., 48 views

Security Bulletin: Multiple Vulnerabilities were detected in IBM Secure External Authentication Server

Summary There are multiple vulnerabilities in IBM Secure External Authentication Server. IBM Secure External Authentication Server has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-29725 DESCRIPTION: IBM Sterling Secure Proxy could allow a remote user to consume resources...

CVSS: 7.5, AI score: 0.6, EPSS: 0.7795
Exploits: 1, Affected Software: 1
IBM Security Bulletins
added 2021/07/30 5:3 a.m., 38 views

Security Bulletin: CVE-2020-27223 when Jetty handles a request containing multiple Accept headers the server may enter a denial of service (DoS) state

Summary when Jetty handles a request containing multiple Accept headers with a large number of quality i.e. q parameters, the server may enter a denial of service DoS state due to high CPU usage processing those quality values Vulnerability Details CVEID: CVE-2020-27223 DESCRIPTION: Eclipse Jetty...

CVSS: 5.3, AI score: 0.2, EPSS: 0.7795
Exploits: 0, Affected Software: 1
IBM Security Bulletins
added 2021/07/14 6:24 p.m., 43 views

Security Bulletin: IBM Security SOAR is using a component with known vulnerabilities - Eclipse Jetty ( CVE-2021-28163, CVE-2021-28165, CVE-2020-27223)

Summary IBM Security SOAR includes an older version of Eclipse Jetty that may be identified and exploited. Vulnerability Details CVEID: CVE-2021-28163 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when the $jetty.base...

CVSS: 7.8, AI score: 0.2, EPSS: 0.7795
Exploits: 2
RedHat Linux
added 2021/07/12 12:12 p.m., 135 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Broker 7.8.2 release and security update

Red Hat AMQ Broker 7.8.2 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS: 7.8, AI score: 6.7, EPSS: 0.82371
Exploits: 10, References: 11
RedHat Linux
added 2021/07/02 12:20 a.m., 101 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.5.41 security update

Red Hat OpenShift Container Platform release 4.5.41 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...

CVSS: 8.1, AI score: 6.7, EPSS: 0.7795
Exploits: 1, References: 9
Tenable Nessus
added 2021/07/02 12:0 a.m., 40 views

RHEL 7 : OpenShift Container Platform 4.5.41 (RHSA-2021:2431)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2431 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

CVSS: 8.1, AI score: 7.3, EPSS: 0.7795
Exploits: 1, References: 17
RedHat Linux
added 2021/06/29 6:18 a.m., 126 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.36 security update

An update for cri-o, jenkins, openshift-clients, and openshift-kuryr is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS: 7, AI score: 6.8, EPSS: 0.7795
Exploits: 1, References: 4
Tenable Nessus
added 2021/06/29 12:0 a.m., 51 views

RHEL 8 : OpenShift Container Platform 4.6.36 (RHSA-2021:2499)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2499 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

CVSS: 7, AI score: 7.4, EPSS: 0.7795
Exploits: 1, References: 9
Check Point Advisories
added 2021/04/05 12:0 a.m., 6 views

Eclipse Jetty Denial Of Service (CVE-2020-27223)

A denial-of-service vulnerability exists in Eclipse Jetty. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

CVSS: 4.3, AI score: 4.7, EPSS: 0.7795
Exploits: 0
OSV
added 2021/03/24 11:25 a.m., 10 views

SUSE-SU-2021:0940-1 Security update for jetty-minimal

This update for jetty-minimal fixes the following issues: - jetty-minimal was upgraded to version 9.4.38.v20210224 - CVE-2020-27223: Fixed an issue with Accept request header which might have led to Denial of Service bsc1182898...

CVSS: 5.3, AI score: 6.1, EPSS: 0.7795
Exploits: 0, References: 3
OpenVAS
added 2021/03/02 12:0 a.m., 21 views

Eclipse Jetty DoS Vulnerability (GHSA-m394-8rww-3jr7) - Linux

Eclipse Jetty is prone to a denial of service (DoS) vulnerability.

CVSS: 5.3, AI score: 5.9, EPSS: 0.7795
Exploits: 0, References: 2
OSV
added 2021/02/26 10:15 p.m., 35 views

CVE-2020-27223

In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 inclusive, 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” i.e. q parameters, the server may enter a denial of service DoS state due to high CPU usage processing those quality...

CVSS: 5.3, AI score: 6.5
Exploits: 0, References: 67
Cvelist
added 2021/02/26 9:55 p.m., 28 views

CVE-2020-27223

In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 inclusive, 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” i.e. q parameters, the server may enter a denial of service DoS state due to high CPU usage processing those quality...

CVSS: 5.2, AI score: 5.8, EPSS: 0.7795
Exploits: 0, References: 67
CVE
added 2021/02/26 9:55 p.m., 400 views

CVE-2020-27223

CVE-2020-27223 affects Eclipse Jetty 9.4.6.v20170531–9.4.36.v20210114, 10.0.0, and 11.0.0, where handling requests with multiple Accept headers and many quality (q) values can cause high CPU usage and a DoS. Public sources consistently describe CPU exhaustion as the impact. Remediation is to upgr...

CVSS: 5.3, AI score: 5.2, EPSS: 0.7795
Exploits: 0, References: 67, Affected Software: 1