3 matches found
Security Bulletin: IBM Tivoli Network Manager is vulnerable to information disclosure attacks due to vulnerabilities in Eclipse Jetty (CVE-2021-28169)
Summary Eclipse Jetty libraries jetty-io, jetty-client, jetty-http, jetty-util used by IBM Tivoli Network Manager, in versions = 9.4.40, = 10.0.2, = 11.0.2 , it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For...
PT-2021-7933 · Eclipse +3 · Eclipse Jetty +3
Name of the Vulnerable Software and Affected Versions: Eclipse Jetty versions = 9.4.40 Eclipse Jetty versions = 10.0.2 Eclipse Jetty versions = 11.0.2 Description: The vulnerability in the Eclipse Jetty servlet container is related to the lack of protection for service data. Exploitation of this...
RHEL 7 : rh-eclipse-jetty (RHSA-2021:1509)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1509 advisory. Jetty is a 100% Java HTTP Server and Servlet Container. The following packages have been upgraded to a later upstream version:...