4 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-27218
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is...
[SECURITY] [DLA 3641-1] jetty9 security update
Debian LTS Advisory DLA-3641-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany October 30, 2023 https://wiki.debian.org/LTS Package : jetty9 Version : 9.4.50-4+deb10u1 CVE ID : CVE-2020-27218 CVE-2023-36478 CVE-2023-44487 Debian Bug : 976211 Two remotely exploitab...
SUSE CVE-2020-27218
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that ...
Security Bulletin: Vulnerabilities in Apache HttpClient and Eclipse Jetty Affect IBM Control Center (CVE-2020-13956, CVE-2020-27218)
Summary Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request. Eclipse Jetty could allow a remote attacker to bypass security restrictions, caused by a flaw when GZIP request body inflation is...