CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2024-2214 – Missing array size check in _Mtxinit() in the Xtensa port
https://notcve.org/view.php?id=CVE-2024-2214
26 Mar 2024 — In Eclipse ThreadX before version 6.4.0, the _Mtxinit() function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/tx_clib_lock.c En Eclipse ThreadX anterior a la versión 6.4.0, a la función _Mtxinit() en el puerto Xtensa le faltaba una verificación del tamaño de la matriz, lo que provocaba una sobrescritura de la memoria. El archivo afectado era ports/xtensa/xcc/src/tx_clib_lock.c Eclipse ThreadX versions prior to 6.4.0 suffers from a ... • https://packetstorm.news/files/id/178817 • CWE-129: Improper Validation of Array Index •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2024-2452 – Integer wraparound, under-allocation, and heap buffer overflow in Eclipse ThreadX NetX Duo __portable_aligned_alloc()
https://notcve.org/view.php?id=CVE-2024-2452
26 Mar 2024 — In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of __portable_aligned_alloc() could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows. En Eclipse ThreadX NetX Duo anterior a 6.4.0, si un atacante puede controlar los parámetros de __portable_aligned_alloc() podría provocar una envoltura de enteros y una asignación menor de lo esperado. Esto podría provocar desbordamientos de búfer de almacenamiento dinámico.... • https://packetstorm.news/files/id/178817 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 3CVE-2023-6194
https://notcve.org/view.php?id=CVE-2023-6194
11 Dec 2023 — In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit document type definition (DTD) references to external entities. This means that if a user chooses to use a malicious report definition XML file containing an external entity reference to generate a report then Eclipse Memory Analyzer may access external files or URLs defined via a DTD in the report definition. En las versiones 0.7 a 1.14.0 de Eclipse Memory Analyzer, los archivos XML de definición de ... • https://bugs.eclipse.org/bugs/show_bug.cgi?id=582631 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5676 – Eclipse OpenJ9 possible infinite busy hang
https://notcve.org/view.php?id=CVE-2023-5676
15 Nov 2023 — In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing. En Eclipse OpenJ9 anterior a la versión 0.41.0, la JVM puede verse forzada a un bloqueo de ocupación infinita en un bloqueo de giro o una falla de segmentación si se recibe una señal de apagado (SIGTERM, SIGINT o SIGHUP) antes de que la JVM haya terminado de inicializarse. Eclipse... • https://github.com/eclipse-openj9/openj9/pull/18085 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-364: Signal Handler Race Condition •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-4218 – XXE in eclipse.platform / Eclipse IDE
https://notcve.org/view.php?id=CVE-2023-4218
09 Nov 2023 — In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch). En las versiones de Eclipse IDE <2023-09 (4.29), algunos archivos con contenido xml se analizan como vulnerables a todo tipo de ataques XXE. El usuario sólo necesita abrir cualquier proyecto maligno o actualizar un proyecto abierto co... • https://github.com/eclipse-cdt/cdt/commit/c7169b3186d2fef20f97467c3e2ad78e2943ed1b • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-4043 – Parsson DoS when parsing numbers from untrusted sources
https://notcve.org/view.php?id=CVE-2023-4043
03 Nov 2023 — In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much larger processing time than one would expect. To mitigate the risk, parsson put in place a size limit for the numbers as well as their scale. En Eclipse Parsson antes de las versiones 1.1.4 y 1.0.5, el Parsing JSON de fuentes no c... • https://github.com/eclipse-ee4j/parsson/pull/100 • CWE-20: Improper Input Validation CWE-834: Excessive Iteration •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5763 – Glassfish remote code execution
https://notcve.org/view.php?id=CVE-2023-5763
03 Nov 2023 — In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners. En Eclipse Glassfish 5 o 6, ejecutado con versiones antiguas de JDK (inferiores a 6u211, o < 7u201, o < 8u191), permite a atacantes remotos cargar código malicioso en el servidor mediante el acceso a oyentes ORB inseguros. • https://gitlab.eclipse.org/security/cve-assignement/-/issues/14 • CWE-20: Improper Input Validation CWE-913: Improper Control of Dynamically-Managed Code Resources •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5632 – Unconditionally adding an event to the epoll causes excessive CPU consumption
https://notcve.org/view.php?id=CVE-2023-5632
18 Oct 2023 — In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, which results excessive CPU consumption. This could be used by a malicious actor to perform denial of service type attack. This issue is fixed in 2.0.6 En Eclipse Mosquito anterior a 2.0.5 incluida, establecer una conexión con el servidor mosquitto sin enviar datos provoca que se agregue el evento EPOLLOUT, lo que resulta en un consumo excesivo de CPU.... • https://github.com/eclipse/mosquitto/commit/18bad1ff32435e523d7507e9b2ce0010124a8f2d • CWE-834: Excessive Iteration •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 1CVE-2023-36478 – HTTP/2 HPACK integer overflow and buffer allocation
https://notcve.org/view.php?id=CVE-2023-36478
10 Oct 2023 — Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in `MetaDataBuilder.checkSize` allows for HTTP/2 HPACK header values to exceed their size limit. `MetaDataBuilder.java` determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded. However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and lengt... • http://www.openwall.com/lists/oss-security/2023/10/18/4 • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 94%CPEs: 444EXPL: 19CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •