Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.10 views

RHCOS 4 : OpenShift Container Platform 4.7.11 (RHSA-2021:1551)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1551 advisory. - golang: math/big: panic during recursive division of very large numbers CVE-2020-28362 - golang: crypto/elliptic: incorrect...

7.8CVSS7.2AI score0.53861EPSS
Exploits2References14
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-28163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the...

4CVSS6.2AI score0.0418EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/07 7:54 p.m.58 views

Security Bulletin: Common vulnerabilities fixed in Cloudera Data Platform 7.1.9 HF2

Summary Fixes to common vulnerabilities discovered in Cloudera Data Platform 7.1.9 are available to download from Cloudera. Vulnerability Details CVEID:CVE-2021-28170 DESCRIPTION: Eclipse EE4J Jakarta Expression Language could allow a remote attacker to bypass security restrictions, caused by a...

7.3CVSS7.4AI score0.7795EPSS
Exploits3Affected Software1
Broadcom
Broadcom
added 2024/05/01 12:0 a.m.14 views

Statement on Jetty vulnerabilities in Brocade SANav

A Security Researcher performing penetration testing raises CVEs in the Jetty version used by Brocade SANnav v2.1.1. Brocade Statement All supported versions of Brocade SANnav do not directly use Jetty. The code is present within some versions of the SANnav product as it is contained within other...

9.4CVSS5.8AI score0.99298EPSS
Exploits19
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/15 1:35 p.m.59 views

Security Bulletin: Multiple Eclipse Jetty Vulnerabilities Affect IBM Analytic Accelerator Framework for Communication Service Providers & IBM Customer and Network Analytics

Summary Eclipse Jetty is used in the solution's microservices bis, auth, analytics, cna as the engine of the HTTP server, underpinning APIs and UI. Several CVEs were found in the version used. These vulnerabilities are addressed. Vulnerability Details CVEID:CVE-2021-28169 DESCRIPTION: Eclipse Jet...

7.8CVSS6.5AI score0.99298EPSS
Exploits16Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:44 a.m.6 views

SUSE CVE-2021-28163

In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that...

5.9CVSS8.6AI score0.0418EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/29 8:34 p.m.157 views

Security Bulletin: Vulnerabilities in Eclipse Jetty affect Rational Service Tester (CVE-2021-28169, CVE-2021-34428, CVE-2021-28163, CVE-2021-28164, CVE-2021-34429, CVE-2021-28165)

Summary There are vulnerabilities in Eclipse Jetty that affect Rational Service Tester. Rational Service Tester has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2021-28169 DESCRIPTION: Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw ...

7.8CVSS6.4AI score0.99298EPSS
Exploits16Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/29 6:27 a.m.79 views

Security Bulletin: An Eclipse Jetty vulnerability affects IBM Rational Functional Tester

Summary There are multiple vulnerabilities in Eclipse Jetty used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-28169 DESCRIPTION: Eclipse Jetty could allow a remote attacker to obtain sensitive information, cause...

7.8CVSS7.2AI score0.99298EPSS
Exploits16Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/10/04 12:0 a.m.599 views

Jetty < 9.4.39 Multiple Vulnerabilities

According to its self-reported version number, the instance of Jetty hosted on the remote web server is prior to 9.4.39, 10.0.x prior to 10.0.2 or 11.0.x prior to 11.0.2. It is, therefore, affected by multiple vulnerabilities: - An issue where CPU usage can reach 100% with a large invalid TLS...

7.8CVSS6.6AI score0.82371EPSS
Exploits9References6
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/14 6:24 p.m.43 views

Security Bulletin: IBM Security SOAR is using a component with known vulnerabilities - Eclipse Jetty ( CVE-2021-28163, CVE-2021-28165, CVE-2020-27223)

Summary IBM Security SOAR includes an older version of Eclipse Jetty that may be identified and exploited. Vulnerability Details CVEID: CVE-2021-28163 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when the $jetty.base...

7.8CVSS0.2AI score0.7795EPSS
Exploits2
OpenVAS
OpenVAS
added 2021/07/13 12:0 a.m.38 views

openSUSE: Security Advisory for jetty-minimal (openSUSE-SU-2021:2005-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS6.7AI score0.82371EPSS
Exploits11References2
RedHat Linux
RedHat Linux
added 2021/07/12 12:12 p.m.138 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Broker 7.8.2 release and security update

Red Hat AMQ Broker 7.8.2 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.8CVSS6.7AI score0.82371EPSS
Exploits10References11
OPENSUSE Linux
OPENSUSE Linux
added 2021/07/11 12:0 a.m.110 views

Security update for jetty-minimal (important)

openSUSE Security Update: Security update for jetty-minimal Announcement ID: openSUSE-SU-2021:2005-1 Rating: important References: 1184366 1184367 1184368 1187117 Cross-References: CVE-2021-28163 CVE-2021-28164 CVE-2021-28165 CVE-2021-28169 CVSS scores: CVE-2021-28163 NVD : 2.7...

7.5CVSS7.6AI score0.82371EPSS
Exploits11References4
OpenVAS
OpenVAS
added 2021/06/18 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2021:2005-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.2AI score0.82371EPSS
Exploits11References2
OSV
OSV
added 2021/06/17 4:4 p.m.17 views

SUSE-SU-2021:2005-1 Security update for jetty-minimal

This update for jetty-minimal fixes the following issues: Update to version 9.4.42.v20210604 - Fix: bsc1187117, CVE-2021-28169 - possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory - Fix: bsc1184367, CVE-2021-28165 - jet...

7.8CVSS4.9AI score0.82371EPSS
Exploits11References9
Tenable Nessus
Tenable Nessus
added 2021/05/20 12:0 a.m.56 views

RHEL 7 / 8 : OpenShift Container Platform 4.7.11 (RHSA-2021:1551)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1551 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

7.8CVSS7.2AI score0.53861EPSS
Exploits2References14
RedHat Linux
RedHat Linux
added 2021/05/13 3:15 p.m.107 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 1.6.4 release and security update

Red Hat AMQ Streams 1.6.4 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.8CVSS6.6AI score0.82371EPSS
Exploits9References6
RedHat Linux
RedHat Linux
added 2021/05/06 5:45 p.m.98 views

Moderate: Red Hat Security Advisory: rh-eclipse-jetty security update

An update for rh-eclipse-jetty is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.8CVSS6.6AI score0.82371EPSS
Exploits9References5
OpenVAS
OpenVAS
added 2021/05/01 12:0 a.m.30 views

Fedora: Security Advisory for jetty (FEDORA-2021-fd66b2bd53)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

4CVSS5.8AI score0.0418EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2021/04/01 6:17 p.m.38 views

CVE-2021-28163

If the $jetty.base directory or the $jetty.base/webapps directory is a symlink the contents of the $jetty.base/webapps directory may be deployed as a static web application, exposing the content of the directory for download. The highest threat from this vulnerability is to data confidentiality...

4CVSS1.7AI score0.0418EPSS
Exploits1References4
Rows per page
Query Builder