
CVE-2024-8376 – Memory leak
https://notcve.org/view.php?id=CVE-2024-8376
11 Oct 2024 — In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets. A flaw was found in Eclipse Mosquitto. A remote attacker may be able to trigger memory leakage, segmentation fault, or a heap-use-after-free condition by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE", and "PUBLISH" packets. Red Hat Product Se... • https://github.com/eclipse/mosquitto/releases/tag/v2.0.19 • CWE-401: Missing Release of Memory after Effective Lifetime; CWE-416: Use After Free; CWE-755: Improper Handling of Exceptional Conditions •

CVE-2024-9329 – Glassfish redirect to untrusted site
https://notcve.org/view.php?id=CVE-2024-9329
30 Sep 2024 — In Eclipse Glassfish versions before 7.0.17, the Host HTTP parameter could cause the web application to redirect to the specified URL when the requested endpoint is '/management/domain'. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. • https://github.com/eclipse-ee4j/glassfish/pull/25106 • CWE-233: Improper Handling of Parameters •

CVE-2024-9202 – EDC DataSetResolver policy filtering missing
https://notcve.org/view.php?id=CVE-2024-9202
27 Sep 2024 — In Eclipse Dataspace Components versions 0.1.3 to 0.9.0, the Connector component filters which datasets (= data offers) another party can see in a requested catalog, to ensure that only authorized parties are able to view restricted offers. However, there is the possibility to request a single dataset, which should be subject to the same filtering process, but currently is missing the correct filtering. This enables parties to potentially see datasets they should not have access to, thereby exposing sensiti... • https://github.com/eclipse-edc/Connector/pull/4490 • CWE-862: Missing Authorization •

CVE-2024-8642 – Eclipse EDC: Consumer pull transfer token validation checks not applied
https://notcve.org/view.php?id=CVE-2024-8642
11 Sep 2024 — In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity (expiry, not-before, issuance date), which can allow an attacker to bypass the check for token expiration. The issue requires having a dataplane configured to support http proxy consumer pull AND include the module "transfer-data-plane". The affected code was marked deprecated from the version 0.6.0 in favour of Dataplane Signaling. In 0.9.0 th... • https://github.com/eclipse-edc/Connector/commit/04899e91dcdb4a407db4eb7af3e7b6ff9a9e9ad6 • CWE-303: Incorrect Implementation of Authentication Algorithm; CWE-305: Authentication Bypass by Primary Weakness •

CVE-2024-8646 – Eclipse Glassfish: URL redirection vulnerability to untrusted sites
https://notcve.org/view.php?id=CVE-2024-8646
11 Sep 2024 — In Eclipse Glassfish versions prior to 7.0.10, a URL redirection vulnerability to untrusted sites existed. This vulnerability is caused by the vulnerability (CVE-2023-41080) in the Apache code included in GlassFish. This vulnerability only affects applications that are explicitly deployed to the root context ('/'). • https://github.com/eclipse-ee4j/glassfish/pull/24655 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVE-2024-8391 – Eclipse Vert.x gRPC server does not limit the maximum message size
https://notcve.org/view.php?id=CVE-2024-8391
04 Sep 2024 — In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload (Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client). This is fixed in the 4.5.10 version. Note this does not affect the Vert.x gRPC server based on the grpc-java and Netty libraries (Maven GAV: io.vertx:vertx-grpc). A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a serv... • https://github.com/eclipse-vertx/vertx-grpc/issues/113 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2023-7272 – Eclipse Parsson stack overflow with deeply nested objects
https://notcve.org/view.php?id=CVE-2023-7272
17 Jul 2024 — In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing (e.g. parse, generate, transform and query) JSON documents. • https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/12 • CWE-787: Out-of-bounds Write •

CVE-2024-3933 – Eclipse Open J9 With -Xgc:concurrentScavenge on IBM Z, could write/read outside of a buffer
https://notcve.org/view.php?id=CVE-2024-3933
27 May 2024 — In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage [1], could allow access to a buffer with an incorrect length value when executing an arraycopy sequence while the Concurrent Scavenge Garbage Collection cycle is active and the source and destination memory regions for arraycopy overlap. This allows read and write to ... • https://github.com/eclipse/omr/pull/7275 • CWE-125: Out-of-bounds Read; CWE-787: Out-of-bounds Write; CWE-805: Buffer Access with Incorrect Length Value •

CVE-2024-5165 – Eclipse Ditto User Interface vulnerable to XSS due to Improper Neutralization of Input
https://notcve.org/view.php?id=CVE-2024-5165
23 May 2024 — In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS (Cross Site Scripting). Several inputs were not persisted at the backend of Eclipse Ditto, but only in local browser storage to save settings of "environments" of the UI and e.g. the last performed "search queries", resulting in a "Reflected XSS" vulnerabili... • https://gitlab.eclipse.org/security/cve-assignement/-/issues/23 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-4536 – Eclipse EDC: OAuth2 Credential Exfiltration Vulnerability
https://notcve.org/view.php?id=CVE-2024-4536
07 May 2024 — In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, in the EDC Connector component ( https://github.com/eclipse-edc/Connector ), an attacker might obtain OAuth2 client secrets from the vault. In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, we have identified a security vulnerability in the EDC Connector component ( https://github.com/eclipse-edc/Connector ) regarding the OAuth2-protected data sink feature. When using a custom, OAuth2-protected data sink, the OAuth2-specific data addres... • https://github.com/eclipse-edc/Connector/commit/a4e6018d2c0457fba6f672fafa6c590513c45d1b • CWE-201: Insertion of Sensitive Information Into Sent Data; CWE-522: Insufficiently Protected Credentials •