CVSS: 6.1EPSS: 24%CPEs: 139EXPL: 0CVE-2019-10241 – jetty: using specially formatted URL against DefaultServlet or ResourceHandler leads to XSS conditions
https://notcve.org/view.php?id=CVE-2019-10241
22 Apr 2019 — In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents. Eclipse Jetty versiones 9.2.26 y anteriores, 9.3.25 y anteriores, 9.3.25 y anteriores, y 9.4.15 y anteriores. El servidor es vulnerable a un Cross-Site Scripting (XSS) si un cliente remoto emplea una URL especialmente formada ... • https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 6%CPEs: 335EXPL: 0CVE-2019-10247 – jetty: error path information disclosure
https://notcve.org/view.php?id=CVE-2019-10247
22 Apr 2019 — In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the ... • https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-213: Exposure of Sensitive Information Due to Incompatible Policies •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2018-3126
https://notcve.org/view.php?id=CVE-2018-3126
17 Oct 2018 — Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xenvironment). Supported versions that are affected are 15.0.2, 16.0.4 and 17.0.2. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. Successful attacks of this vulnerability can result in takeover of Oracle Retail Xstore Point of Service. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Avai... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 5.3EPSS: 2%CPEs: 7EXPL: 0CVE-2018-12536 – jetty: full server path revealed when using the default Error Handling
https://notcve.org/view.php?id=CVE-2018-12536
27 Jun 2018 — In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPath... • http://www.securitytracker.com/id/1041194 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 9.8EPSS: 10%CPEs: 29EXPL: 0CVE-2017-7658 – jetty: Incorrect header handling
https://notcve.org/view.php?id=CVE-2017-7658
26 Jun 2018 — In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imp... • http://www.securityfocus.com/bid/106566 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 9.8EPSS: 4%CPEs: 27EXPL: 0CVE-2017-7657 – jetty: HTTP request smuggling
https://notcve.org/view.php?id=CVE-2017-7657
26 Jun 2018 — In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrar... • http://www.securitytracker.com/id/1041194 • CWE-190: Integer Overflow or Wraparound CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.9EPSS: 3%CPEs: 42EXPL: 0CVE-2018-10237 – guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service
https://notcve.org/view.php?id=CVE-2018-10237
26 Apr 2018 — Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. Asignación de memoria ... • http://www.securitytracker.com/id/1041707 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2017-9735
https://notcve.org/view.php?id=CVE-2017-9735
16 Jun 2017 — Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords. Jetty hasta la versión 9.4.x es propenso a una sincronización de canal en util/security/Password.java, lo que facilita que atacantes remotos obtengan acceso observando el tiempo transcurrido antes de rechazar contraseñas incorrectas. SR 760 Feeder Protection Relay, en versiones de firmware anteriores a... • http://www.securityfocus.com/bid/99104 • CWE-203: Observable Discrepancy •