CVE-2021-28165

In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.

CVE-2017-7657

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as...

CVE-2022-23234

SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials.

CVE-2023-27313

SnapCenter versions 3.x and 4.x prior to 4.9 are susceptible to avulnerability which may allow an authenticated unprivileged user to gainaccess as an admin user.

CVE-2022-38732

SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented.

CVE-2024-21993

SnapCenter versions prior to 5.0p1 are susceptible to a vulnerabilitywhich could allow an authenticated attacker to discover plaintextcredentials.

CVE-2023-27316

SnapCenter versions 4.8 through 4.9 are susceptible to avulnerability which may allow an authenticated SnapCenter Server user tobecome an admin user on a remote system where a SnapCenter plug-in hasbeen installed.

CVE-2024-21987

SnapCenter versions 4.8 prior to 5.0 are susceptible to avulnerability which could allow an authenticated SnapCenter Server userto modify system logging configuration settings