109 matches found
CVE-2018-12541
In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake, holding the entire request body in memory. There should be a reasonnable limit 8192 bytes above which the WebSocket gets an HTTP response with the...
CVE-2018-12544
In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML type validator creates XML parsers without taking appropriate defense against XML attacks. This mechanism is exclusively when the developer uses the Eclipse Vert.x OpenAPI XML type validator to validate a provided schema...
CVE-2018-12542
In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '' forward slashes sequences that can resolve to a location that is outside of that directory when...
Design/Logic Flaw
In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML type validator creates XML parsers without taking appropriate defense against XML attacks. This mechanism is exclusively when the developer uses the Eclipse Vert.x OpenAPI XML type validator to validate a provided schema...
CVE-2018-12541
In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake, holding the entire request body in memory. There should be a reasonnable limit 8192 bytes above which the WebSocket gets an HTTP response with the...
CVE-2018-12541
In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake, holding the entire request body in memory. There should be a reasonnable limit 8192 bytes above which the WebSocket gets an HTTP response with the...
Design/Logic Flaw
In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '' forward slashes sequences that can resolve to a location that is outside of that directory when...
Design/Logic Flaw
In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake, holding the entire request body in memory. There should be a reasonnable limit 8192 bytes above which the WebSocket gets an HTTP response with the...
CVE-2018-12542
In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '' forward slashes sequences that can resolve to a location that is outside of that directory when...
CVE-2018-12544
In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML type validator creates XML parsers without taking appropriate defense against XML attacks. This mechanism is exclusively when the developer uses the Eclipse Vert.x OpenAPI XML type validator to validate a provided schema...
CVE-2018-12544
In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML type validator creates XML parsers without taking appropriate defense against XML attacks. This mechanism is exclusively when the developer uses the Eclipse Vert.x OpenAPI XML type validator to validate a provided schema...
CVE-2018-12542
In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '' forward slashes sequences that can resolve to a location that is outside of that directory when...
CVE-2018-12544
CVE-2018-12544 affects Eclipse Vert.x OpenAPI XML type validator (versions 3.5.Beta1–3.5.3). The vulnerability stems from creating XML parsers without proper defenses against XML attacks, enabling XML External Entity (XXE) exploitation. Public references (Veracode, Red Hat advisory RHSA-2018:2946...
CVE-2018-12541
In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake, holding the entire request body in memory. There should be a reasonnable limit 8192 bytes above which the WebSocket gets an HTTP response with the...
CVE-2018-12541
The CVE-2018-12541 vulnerability affects Eclipse Vert.x WebSocket HTTP upgrade: in versions 3.0.0–3.5.3, the upgrade path buffers the entire HTTP request (including the request body) in memory before performing the handshake. This behavior enables an attacker to potentially exhaust memory by send...
CVE-2018-12542
In Eclipse Vert.x 3.0.0–3.5.3, the StaticHandler reads external input to form a pathname and fails to neutralize backslash sequences on Windows, allowing path traversal to locations outside the intended restricted directory. This CVE is documented with a high/critical impact (CVE-2018-12542) and ...
Unspecified Vulnerability in Eclipse Vert.x (CNVD-2019-43402)
Eclipse Vert.x is an Eclipse Foundation toolkit for building responsive applications on the JVM , which is mainly used to build applications such as network utilities , Web applications , HTTP/REST microservices and so on. A security vulnerability exists in Eclipse Vert.x that stems from the...
CVE-2018-12537
In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response...
Design/Logic Flaw
In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response...
CVE-2018-12537
In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response...