Lucene search
K

9 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2020/11/27 6:36 p.m.30 views

Security Bulletin: IBM Content Classification is affected by a Eclipse Jetty (Publicly disclosed vulnerability)

Summary In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content in text/html and text/json Content-Type does not escape Exception messages in stacktraces included in error output. Vulnerability Details CVEID:...

6.1CVSS0.9AI score0.01905EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/01/17 12:0 a.m.48 views

Fedora 31 : jetty (2020-4913d43d77)

Security fix for CVE-2019-17632 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

6.1CVSS7AI score0.01905EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/11/27 12:0 a.m.128 views

Eclipse Jetty XSS Vulnerability (CVE-2019-17632) - Linux

Eclipse Jetty is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty";...

6.1CVSS6.2AI score0.01905EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/11/27 12:0 a.m.23 views

Eclipse Jetty XSS Vulnerability (CVE-2019-17632) - Windows

Eclipse Jetty is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty";...

6.1CVSS6.2AI score0.01905EPSS
Exploits0References1
NVD
NVD
added 2019/11/25 10:15 p.m.17 views

CVE-2019-17632

In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content in text/html and text/json Content-Type does not escape Exception messages in stacktraces included in error output...

6.1CVSS6.2AI score0.01905EPSS
Exploits0References4
OSV
OSV
added 2019/11/25 10:15 p.m.2 views

DEBIAN-CVE-2019-17632

In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content in text/html and text/json Content-Type does not escape Exception messages in stacktraces included in error output...

6.1CVSS6.9AI score0.01905EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/11/25 10:15 p.m.21 views

CVE-2019-17632

In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content in text/html and text/json Content-Type does not escape Exception messages in stacktraces included in error output...

6.1CVSS6.8AI score0.01905EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2019/11/25 9:56 p.m.35 views

CVE-2019-17632

In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content in text/html and text/json Content-Type does not escape Exception messages in stacktraces included in error output...

6.1CVSS6.5AI score0.01905EPSS
Exploits0
CVE
CVE
added 2019/11/25 9:56 p.m.130 views

CVE-2019-17632

CVE-2019-17632 affects Eclipse Jetty 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118. The issue: default unhandled error responses (text/html/text/json) may include unescaped exception messages in stacktraces, enabling leakage or potential cross-site scripting via error output. Connected...

6.1CVSS6.2AI score0.01905EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder