DEBIAN-CVE-2019-17638
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this doub...
UBUNTU-CVE-2019-17638
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this doub...
CVE-2019-17638
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this doub...
Information Disclosure
undertow-core is vulnerable to information disclosure. The library does not properly flush the ByteBuffer after the write function is called when handling response requests. The flushing function then proceeds to write out the contents of the writevBuffer which could contain sensitive informatio...
Apache Tomcat 8.5.7 < 8.5.11 / 9.0.0.M11 < 9.0.0.M17 nextRequest Information Disclosure
Apache Tomcat Information Disclosure Vulnerability, CVE-2016-8747 - a vulnerability warning - the black bar safety net
Release time: 2017-3-13 20:05:14 GMT. Importance: medium. Affected versions: Apache Tomcat 9.0.0.M11 to 9.0.0.M15, Apache Tomcat 8.5.7 to 8.5.9. Description: A refactoring to make more extensive use of ByteBuffer introduced a regression that could cause the information on the same connection...
Information Disclosure
tomcat-coyote is vulnerable to information disclosure. The vulnerability is caused by a regression introduced by a refactoring to widen the use of ByteBuffer. Due to the flaw, when running behind a reverse proxy, information leaks between requests on the same connection. All HTTP connecto...
Fixed in Apache Tomcat 8.5.11
Note: The issue below was fixed in Apache Tomcat 8.5.10 but the release vote for the 8.5.10 release candidate did not pass. Therefore, although users must download 8.5.11 to obtain a version that includes the fix for this issue, version 8.5.10 is not included in the list of affected versions...
Double free
The Java Message Service (JMS) in IBM WebSphere Application Server (WAS) before 6.1.0.7 allows attackers to cause a denial of service via unknown vectors involving the "double release of a bytebuffer input stream," possibly a double free vulnerability...
CVE-2007-1944
The Java Message Service (JMS) in IBM WebSphere Application Server (WAS) before 6.1.0.7 allows attackers to cause a denial of service via unknown vectors involving the "double release of a bytebuffer input stream," possibly a double free vulnerability...