12 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-10247
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will...
K41412302: Jetty vulnerability CVE-2019-10247
Security Advisory Description In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not...
[SECURITY] [DLA 2661-1] jetty9 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2661-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 14, 2021 https://wiki.debian.org/LTS -...
The vulnerability of Eclipse Jetty servlet containers, related to the lack of protection for service data, allows attackers to exploit the protected information.
The vulnerability of Eclipse Jetty servlet containers is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose protected information by specifying the full path to the base resources in Windows...
GHSA-R28M-G6J9-R2H5 Information Exposure vulnerability in Eclipse Jetty
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted t...
Installation information leak in Eclipse Jetty
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches...
CVE-2019-10246
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted t...
UBUNTU-CVE-2019-10247
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches...
Design/Logic Flaw
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches...
CVE-2019-10247
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches...
CVE-2019-10247
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches...
Eclipse Jetty Server Information Disclosure Vulnerability
Eclipse Jetty Server is the Eclipse Foundation of an open source , Java-based Web server and Java Servlet container . An information disclosure vulnerability exists in Eclipse Jetty Server version 9.x that stems from an error response with an InvalidPathException message containing sensitive...