Lucene search
K

7 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Jetty9

In Eclipse Jetty versions 9.4.0 through 9.4.46, and 10.0.0 through 10.0.9, as well as 11.0.0 through 11.0.9, the parsing of the authority segment of an http scheme URI causes the Jetty HttpURI class to incorrectly detect an invalid input as a hostname. This can lead to failures in a Proxy scenari...

4CVSS6.7AI score0.01173EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-3114

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00986EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-6763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpU...

5.3CVSS6.1AI score0.00986EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2025/07/24 3:6 p.m.3 views

CVE-2025-33109

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to a privilege escalation caused by an invalid database authority check. A bad actor could execute a database procedure or function without having all required permissions, in addition to causing denial of service for some database actions...

8.8CVSS5.8AI score0.00362EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/06/30 1:16 p.m.7 views

org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

A flaw was found in Jetty. The HttpURI class performs insufficient validation on the authority segment of a URI. The HttpURI and the browser may differ on the value of the host extracted from an invalid URI. This combination of Jetty and a vulnerable browser may be vulnerable to an open redirect...

5.3CVSS5.7AI score0.00986EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2023/01/17 11:47 a.m.5 views

jetty-http: improver hostname input handling

A flaw was found in Eclipse Jetty. When parsing the authority segment of an HTTP scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This issue can lead to failures in a Proxy scenario...

4CVSS7.1AI score0.01173EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/07/07 12:0 a.m.18 views

PT-2022-6209 · Eclipse +2 · Eclipse Jetty +2

Name of the Vulnerable Software and Affected Versions: Eclipse Jetty versions 9.4.0 through 9.4.46 Eclipse Jetty versions 10.0.0 through 10.0.9 Eclipse Jetty versions 11.0.0 through 11.0.9 Description: The parsing of the authority segment of an http scheme URI in the Jetty HttpURI class improperl...

7.5CVSS6.5AI score0.99999EPSS
Exploits31References91
Rows per page
Query Builder