Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2021/12/14 9:31 p.m.4 views

jetty: SessionListener can prevent a session from being invalidated breaking logout

A flaw was discovered in the jetty-server, where if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts, this could result in a session not being...

3.6CVSS7.2AI score0.00963EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/08/19 7:17 a.m.5 views

jetty: SessionListener can prevent a session from being invalidated breaking logout

A flaw was discovered in the jetty-server, where if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts, this could result in a session not being...

3.6CVSS7.2AI score0.00963EPSS
Exploits1References5
OSV
OSV
added 2021/06/22 3:15 p.m.3 views

DEBIAN-CVE-2021-34428

For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being...

3.5CVSS6.3AI score0.00963EPSS
Exploits1References1
OSV
OSV
added 2021/06/22 3:15 p.m.4 views

UBUNTU-CVE-2021-34428

For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being...

3.5CVSS6.7AI score0.00963EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2021/06/22 12:0 a.m.8 views

PT-2021-3392 · Eclipse +2 · Eclipse Jetty +2

Name of the Vulnerable Software and Affected Versions: Eclipse Jetty versions = 9.4.40 Eclipse Jetty versions = 10.0.2 Eclipse Jetty versions = 11.0.2 Description: The issue is related to the SessionListenersessionDestroyed method, where if an exception is thrown, the session ID is not invalidate...

9.8CVSS6.3AI score0.99999EPSS
Exploits37References123
Rows per page
Query Builder