Astra Linux - уязвимость в jetty9

In Eclipse Jetty versions 1.0 through 9.4.32.v20200930, 10.0.0alpha1 through 10.0.0.beta2, and 11.0.0alpha1 through 11.0.0.beta2O, on Unix-like systems, the system’s temporary directory is shared among all users on that system. A collocated user can observe the process of creating a temporary...

EUVD-2021-0669

Malware in sbrugna...

EUVD-2020-1455

Malware in sbrugna...

RHEL 6 : jetty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jetty: Timing channel attack in util/security/Password.java CVE-2017-9735 - jetty: error path information...

K18484125: Eclipse Jetty vulnerability CVE-2020-27216

Security Advisory Description In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of...

Mozilla: Temporary files downloaded to /tmp and accessible by other local users

The Mozilla Foundation Security Advisory describes this flaw as: Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in /tmp, but this behavior was changed to download them to /tmp where they could be affected by other local users. This behavior...

netty: Information disclosure via the local system temporary directory

In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used, a local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the...

jetty: local temporary directory hijacking vulnerability

In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub...

GHSA-23X4-M842-FMWF Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator

Impact On Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. This...

netty: Information disclosure via the local system temporary directory

In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used, a local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the...

CVE-2020-27216

In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub...

DEBIAN-CVE-2020-15250

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this...