The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Eclipse Jetty

Eclipse Jetty: Cross Site Scripting via Generic ErrorHandler
An attacker can trigger a Cross Site Scripting via Generic ErrorHandler of Eclipse Jetty, in order to run JavaScript code in the context of the web site...
CVE-2019-17632, FEDORA-2020-4913d43d77, VIGILANCE-VUL-30979
HTTP/2: multiple vulnerabilities
An attacker can use several vulnerabilities of HTTP/2...
1072144, 1072860, 1167160, 6198380, bulletinoct2019, CERTFR-2019-AVI-389, cpuapr2020, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, DSA-4503-1, DSA-4505-1, DSA-4508-1, DSA-4511-1, DSA-4520-1, DSA-4669-1, FEDORA-2019-1686ae9b59, FEDORA-2019-5a6a7bc12c, FEDORA-2019-63ba15cc83, FEDORA-2019-7443ebda4b, FEDORA-2019-81985a8858, FEDORA-2019-8a437d5c2f, FEDORA-2019-befd924cfe, HT210436, NFLX-2019-002, openSUSE-SU-2019:2000-1, openSUSE-SU-2019:2051-1, openSUSE-SU-2019:2056-1, openSUSE-SU-2019:2072-1, openSUSE-SU-2019:2085-1, openSUSE-SU-2019:2114-1, openSUSE-SU-2019:2115-1, openSUSE-SU-2019:2120-1, openSUSE-SU-2019:2130-1, openSUSE-SU-2019:2232-1, openSUSE-SU-2019:2234-1, openSUSE-SU-2019:2264-1, RHSA-2019:2692-01, RHSA-2019:2726-01, RHSA-2019:2745-01, RHSA-2019:2746-01, RHSA-2019:2775-01, RHSA-2019:2799-01, RHSA-2019:2893-01, RHSA-2019:2925-01, RHSA-2019:2939-01, RHSA-2019:2949-01, RHSA-2019:2955-01, RHSA-2019:4018-01, RHSA-2019:4019-01, RHSA-2019:4020-01, RHSA-2019:4021-01, RHSA-2019:4040-01, RHSA-2019:4041-01, RHSA-2019:4042-01, RHSA-2019:4045-01, RHSA-2019:4269-01, RHSA-2019:4273-01, RHSA-2020:0406-01, SSA:2020-091-02, SUSE-SU-2019:2213-1, SUSE-SU-2019:2214-1, SUSE-SU-2019:2237-1, SUSE-SU-2019:2254-1, SUSE-SU-2019:2259-1, SUSE-SU-2019:2260-1, SUSE-SU-2019:2309-1, SUSE-SU-2019:2329-1, SUSE-SU-2019:2473-1, SUSE-SU-2019:2559-1, SUSE-SU-2020:0059-1, Synology-SA-19:33, Synology-SA-19:37, USN-4099-1, USN-4113-1, USN-4113-2, USN-4308-1, VIGILANCE-VUL-30040, VU#605641
Eclipse Jetty: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Eclipse Jetty, in order to run JavaScript code in the context of the web site...
cpuapr2020, cpujan2020, CVE-2019-10241, CVE-2019-10246, CVE-2019-10247, NTAP-20190509-0003, VIGILANCE-VUL-29106
Eclipse Jetty: denial of service via Large HTTP2/SETTING Frames
An attacker can trigger a fatal error via Large HTTP2/SETTING Frames of Eclipse Jetty, in order to trigger a denial of service...
538096, CVE-2018-12545, FEDORA-2019-d9f867cb65, VIGILANCE-VUL-28885
Eclipse Jetty: information disclosure via InvalidPathException Message
An attacker can bypass access restrictions to data via InvalidPathException Message of Eclipse Jetty, in order to obtain sensitive information...
1103493, CVE-2018-12536, NTAP-20181014-0001, VIGILANCE-VUL-26536
Eclipse Jetty: information disclosure via Double Content-Length
An attacker can bypass access restrictions to data via Double Content-Length of Eclipse Jetty, in order to obtain sensitive information...
1103493, CVE-2017-7658, DSA-4278-1, FEDORA-2018-48b73ed393, FEDORA-2018-93a507fd0f, NTAP-20181014-0001, VIGILANCE-VUL-26535
Eclipse Jetty: information disclosure via Transfer-Encoding Request Smuggling
An attacker can bypass access restrictions to data via Transfer-Encoding Request Smuggling of Eclipse Jetty, in order to obtain sensitive information...
1103493, CVE-2017-7657, DSA-4278-1, FEDORA-2018-48b73ed393, FEDORA-2018-93a507fd0f, NTAP-20181014-0001, VIGILANCE-VUL-26534
Eclipse Jetty: information disclosure via HTTP/0.9 Request Smuggling
An attacker can use a vulnerability via HTTP/0.9 Request Smuggling of Eclipse Jetty, in order to obtain sensitive information...
1103493, CVE-2017-7656, DSA-4278-1, FEDORA-2018-48b73ed393, FEDORA-2018-93a507fd0f, NTAP-20181014-0001, VIGILANCE-VUL-26533
Eclipse Jetty: privilege escalation via FileSessionDataStore
An attacker can bypass restrictions via FileSessionDataStore of Eclipse Jetty, in order to escalate his privileges...
536018, CVE-2018-12538, NTAP-20181014-0001, VIGILANCE-VUL-26512
Eclipse Jetty: directory traversal with backslash characters
An attacker can traverse directories of Eclipse Jetty, in order to read a file outside the service root path...
CVE-2016-4800, ocert-2016-001, VIGILANCE-VUL-19731, ZDI-16-362
Our database contains other pages. You can request a free trial to read them.

Display information about Eclipse Jetty: