22 matches found

Redos
added 2024/07/29 12:00 a.m., 18 views

ROS-20240729-10

Vulnerability in the HttpServletRequest.getParameter and HttpServletRequest.getParts functions of the servlet container Eclipse Jetty is related to the allocation of unlimited memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. The Eclipse Jetty...

CVSS 5.3 | AI score 6.9 | EPSS 0.41634
Exploits: 0

Prion
added 2023/11/09 2:15 p.m., 12 views

Authentication flaw

Improper Authentication vulnerability in Apereo CAS in the jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass. This issue affects CAS: through 7.0.0-RC7. It is unknown whether in new versions the issue will be fixed. For the date of publication there...

CVSS 7.5 | AI score 7.2 | EPSS 0.00044
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2023/11/09 1:41 p.m., 10 views

CVE-2023-4612 MFA bypass in Apereo CAS

Improper Authentication vulnerability in Apereo CAS in the jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass. This issue affects CAS: through 7.0.0-RC7. It is unknown whether in new versions the issue will be fixed. For the date of publication there...

AI score 9.7 | EPSS 0.00044
Exploits: 0 | References: 2

CVE
added 2023/11/09 1:41 p.m., 35 views

CVE-2023-4612

CVE-2023-4612 is an Improper Authentication vulnerability in Apereo CAS via jakarta.servlet.http.HttpServletRequest.getRemoteAddr, enabling MFA bypass. Affected: Apereo CAS up to and including 7.0.0-RC7. Public patches are not available; the vendor does not treat it as a vulnerability. Related so...

CVSS 9.8 | AI score 9.6 | EPSS 0.00044
Exploits: 0 | References: 2 | Affected Software: 1

Github Security Blog
added 2023/04/19 6:15 p.m., 30 views

OutOfMemoryError for large multipart without filename in Eclipse Jetty

Impact: Servlets with multipart support, e.g. annotated with @MultipartConfig, that call HttpServletRequest.getParameter or HttpServletRequest.getParts may cause an OutOfMemoryError when the client sends a multipart request with a part that has a name but no filename and a very large content. This...

CVSS 5.3 | AI score 5.9 | EPSS 0.41634
Exploits: 0 | References: 11 | Affected Software: 1

NVD
added 2023/04/18 9:15 p.m., 19 views

CVE-2023-26048

Jetty is a Java-based web server and servlet engine. In affected versions, servlets with multipart support, e.g. annotated with @MultipartConfig, that call HttpServletRequest.getParameter or HttpServletRequest.getParts may cause an OutOfMemoryError when the client sends a multipart request with a part...

CVSS 5.3 | AI score 5.3 | EPSS 0.41634
Exploits: 0 | References: 8

UbuntuCve
added 2023/04/18 9:15 p.m., 39 views

CVE-2023-26048

Jetty is a Java-based web server and servlet engine. In affected versions, servlets with multipart support, e.g. annotated with @MultipartConfig, that call HttpServletRequest.getParameter or HttpServletRequest.getParts may cause an OutOfMemoryError when the client sends a multipart request with a part...

CVSS 5.3 | AI score 6.7 | EPSS 0.41634
Exploits: 0 | References: 6

Debian CVE
added 2023/04/18 8:30 p.m., 27 views

CVE-2023-26048

Jetty is a Java-based web server and servlet engine. In affected versions, servlets with multipart support, e.g. annotated with @MultipartConfig, that call HttpServletRequest.getParameter or HttpServletRequest.getParts may cause an OutOfMemoryError when the client sends a multipart request with a part...

CVSS 5.3 | AI score 6.4 | EPSS 0.41634
Exploits: 0

Cvelist
added 2023/04/18 8:30 p.m., 21 views

CVE-2023-26048 OutOfMemoryError for large multipart without filename in Eclipse Jetty

Jetty is a Java-based web server and servlet engine. In affected versions, servlets with multipart support, e.g. annotated with @MultipartConfig, that call HttpServletRequest.getParameter or HttpServletRequest.getParts may cause an OutOfMemoryError when the client sends a multipart request with a part...

CVSS 5.3 | AI score 5.6 | EPSS 0.41634
Exploits: 0 | References: 8

Spring Engineering
added 2022/06/07 12:00 p.m., 20 views

This Week in Spring - June 7th, 2022

Hi, Spring fans! Welcome to another installment of This Week in Spring! I've just landed in tantalizing Toronto, Canada, for the SpringOne Tour Toronto show. I'm so excited to be here, at long last, after so long away from one of my favorite countries. I'll be doing two talks - my usual, Kubernetes...

AI score 0.5
Exploits: 0

Github Security Blog
added 2021/03/10 3:46 a.m., 80 views

DOS vulnerability for Quoted Quality CSV headers

Impact: When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters, such as those seen on the Accept, Accept-Encoding, and Accept-Language request headers, the server may enter a denial of service (DoS) state due to high CPU usage while sorting the...

CVSS 5.3 | AI score 6.1 | EPSS 0.33816
Exploits: 0 | References: 66 | Affected Software: 1

OSV
added 2020/09/15 8:16 p.m., 27 views

GHSA-WMV4-5W76-VP9G Authorization Bypass in Spring Security

When using Spring Security's CAS Proxy ticket authentication, a malicious CAS Service could trick another CAS Service into authenticating a proxy ticket that was not associated. This is due to the fact that the proxy ticket authentication uses the information from the HttpServletRequest which is...

CVSS 9.8 | AI score 8.2 | EPSS 0.00359
Exploits: 0 | References: 5

GithubExploit
added 2020/09/09 10:20 a.m., 286 views

Exploit for CVE-2020-13933

CVE-2020-13933 – Test Bed shiro: Permission configuration...

CVSS 7.5 | AI score 7.1 | EPSS 0.8093
Exploits: 3

Tenable Nessus
added 2020/05/11 12:00 a.m., 24 views

IBM WebSphere Application Server 9.0.0.0 < 9.0.0.9 Information Disclosure (CVE-2018-1957)

The IBM WebSphere Application Server running on the remote host is version 9.0.0.0 through 9.0.0.9 prior to 9.0.0.10. It is, therefore, affected by an information disclosure vulnerability. The vulnerability exists in IBM WebSphere Application Server due to mishandling of data by the application...

CVSS 5.5 | AI score 6.1 | EPSS 0.00066
Exploits: 0 | References: 3

exploitpack
added 2019/12/12 12:00 a.m., 41 views

ManageEngine Desktop Central - FileStorage getChartImage Deserialization Unauthenticated Remote Code Execution

ManageEngine Desktop Central - FileStorage getChartImage Deserialization Unauthenticated Remote Code Execution !/usr/bin/python3 """ ManageEngine Desktop Central FileStorage getChartImage Deserialization of Untrusted Data Remote Code Execution Vulnerability Download:...

AI score 0.1
Exploits: 0

NVD
added 2018/12/10 2:29 p.m., 8 views

CVE-2018-1957

IBM WebSphere Application Server 9 could allow sensitive information to be available, caused by mishandling of data by the application based on an incorrect return by the httpServletRequestauthenticate API when an unprotected URI is accessed. IBM X-Force ID: 153629...

CVSS 5.5 | AI score 4.5 | EPSS 0.00066
Exploits: 0 | References: 3

Cvelist
added 2018/12/10 2:00 p.m., 9 views

CVE-2018-1957

IBM WebSphere Application Server 9 could allow sensitive information to be available, caused by mishandling of data by the application based on an incorrect return by the httpServletRequestauthenticate API when an unprotected URI is accessed. IBM X-Force ID: 153629...

CVSS 4 | AI score 5.2 | EPSS 0.00066
Exploits: 0 | References: 3

NVD
added 2017/08/10 4:29 p.m., 22 views

CVE-2016-6812

The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 uses FormattedServiceListWriter to provide an HTML page which lists the names and absolute URL addresses of the available service endpoints. The module calculates the base URL using the current HttpServletRequest. Th...

CVSS 6.1 | AI score 6 | EPSS 0.08591
Exploits: 0 | References: 11

OSV
added 2017/08/10 4:29 p.m., 18 views

CVE-2016-6812

The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 uses FormattedServiceListWriter to provide an HTML page which lists the names and absolute URL addresses of the available service endpoints. The module calculates the base URL using the current HttpServletRequest. Th...

CVSS 6.1 | AI score 5.8 | EPSS 0.08591
Exploits: 0 | References: 11

Prion
added 2017/08/10 4:29 p.m., 19 views

Design/Logic Flaw

The HTTP transport module in Apache CXF prior to 3.0.12 and 3.1.x prior to 3.1.9 uses FormattedServiceListWriter to provide an HTML page which lists the names and absolute URL addresses of the available service endpoints. The module calculates the base URL using the current HttpServletRequest. Th...

CVSS 4.3 | AI score 6 | EPSS 0.08591
Exploits: 0 | References: 11 | Affected Software: 1