Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2020/12/22 6:18 p.m.60 views

Security Bulletin: Multiple vulnerabilities in Jasper used in Jetty 8.1.3 Server where Rational Synergy is deployed

Summary There are multiple vulnerabilities in Jasper, Version 2 Service Refresh 2 Fix Pack 2, used by Jetty 8.1.3 is affecting IBM Rational Synergy. Vulnerability Details The following are the list of vulnerabilities affecting IBM Rational Synergy: CVEID: CVE-2018-12538 DESCRIPTION: Eclipse Jetty...

9.8CVSS0.6AI score0.20985EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/05 12:53 a.m.57 views

Security Bulletin: Multiple Security Vulnerabilities in Jetty Affect IBM Sterling B2B Integrator

Summary There are multiple security vulnerabilities in Jetty that affect IBM Sterling B2B Integrator Vulnerability Details CVEID: CVE-2017-7658 DESCRIPTION: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a...

9.8CVSS0.4AI score0.20985EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2018/07/15 12:0 a.m.47 views

Fedora Update for jetty FEDORA-2018-93a507fd0f

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.20985EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/07/13 12:0 a.m.64 views

Fedora 27 : jetty (2018-93a507fd0f)

Update to upstream version 9.4.11. Fixes CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2018-12538. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

9.8CVSS6.7AI score0.20985EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2018/06/26 10:48 p.m.37 views

CVE-2018-12538

In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's...

8.8CVSS0.8AI score0.02689EPSS
Exploits0References2
CVE
CVE
added 2018/06/22 7:0 p.m.143 views

CVE-2018-12538

CVE-2018-12538 affects Eclipse Jetty 9.4.0–9.4.8 when using the FileSessionDataStore for HttpSession persistence. A malicious user could hijack or delete other users’ sessions via the FileSystem storage, due to a flaw in the FileSessionDataStore. Remediation noted in public advisories: upgrade Je...

8.8CVSS8.4AI score0.02689EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder