9 matches found
EUVD-2022-2191
Malicious code in bioql PyPI...
Statement on Jetty vulnerabilities in Brocade SANnav
A Security Researcher performing penetration testing raises CVEs in the Jetty version used by Brocade SANnav v2.1.1. Brocade Statement: All supported versions of Brocade SANnav do not directly use Jetty. The code is present within some versions of the SANnav product as it is contained within other...
SUSE CVE-2022-2191
In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths...
Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.3.0 release and security update
Red Hat AMQ Streams 2.3.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
Security Bulletin: Rational Performance Tester contains vulnerabilities which could affect Eclipse Jetty. Rational Performance Tester has taken steps to mitigate these vulnerabilities.
Summary: Eclipse Jetty contains a vulnerability around improper hostname input handling that could lead to failure in a proxy scenario, and a vulnerability that could lead to a potential denial of service attack. Vulnerability Details: CVEID: CVE-2022-2191 DESCRIPTION: Eclipse Jetty is vulnerable to...
Security Bulletin: Multiple vulnerabilities in Zookeeper affecting IBM QRadar User Behavior Analytics (CVE-2022-2191, CVE-2022-2047, CVE-2022-2048, CVE-2022-24823, CVE-2020-36518)
Summary: Multiple vulnerabilities exist in Zookeeper that are used by IBM QRadar User Behavior Analytics (UBA). These vulnerabilities are addressed in UBA by upgrading to a version of Zookeeper and packages that are associated with Zookeeper that resolve the vulnerabilities. Vulnerability Details...
Eclipse Jetty DoS Vulnerability (GHSA-8mpp-f3f7-xc28) - Linux
Eclipse Jetty is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:eclipse:jetty";...
CVE-2022-2191
In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths...
CVE-2022-2191
CVE-2022-2191 affects Eclipse Jetty by failing to release ByteBuffers from ByteBufferPool in error paths in Jetty 10.0.0–10.0.9 and 11.0.0–11.0.9. The described root cause is a ByteBuffer lifecycle issue in SslConnection, leading to a potential denial of service with high availability impact. Pub...