
CVE-2023-2597 – SUSE Security Advisory - SUSE-SU-2023:3305-1
https://notcve.org/view.php?id=CVE-2023-2597
22 May 2023 — In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer. An update that solves 47 vulnerabilities and has three fixes is now available. This update for java-17-openj9 fixes the following issues. • https://github.com/eclipse-openj9/openj9/pull/17259 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •

CVE-2023-32081 – Vert.x STOMP server process client frames that would not send initially a connect frame
https://notcve.org/view.php?id=CVE-2023-32081
12 May 2023 — Vert.x STOMP is a vert.x implementation of the STOMP specification that provides a STOMP server and client. From versions 3.1.0 until 3.9.16 and 4.0.0 until 4.4.2, a Vert.x STOMP server processes client STOMP frames without checking that the client sent an initial CONNECT frame that was answered with a successful CONNECTED frame. The client can subscribe to a destination or publish messages without prior authentication. Any Vert.x STOMP server configured with an authentication handler is impacted. The issue is patched... • https://github.com/vert-x3/vertx-stomp/commit/0de4bc5a44ddb57e74d92c445f16456fa03f265b • CWE-287: Improper Authentication •

CVE-2023-26049 – Cookie parsing of quoted values can exfiltrate values from other cookies in Eclipse Jetty
https://notcve.org/view.php?id=CVE-2023-26049
18 Apr 2023 — Jetty is a Java-based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE="b; JSESSIONID=1337; c=d"` will be parsed as o... • https://github.com/hshivhare67/Jetty_v9.4.31_CVE-2023-26049 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-1286: Improper Validation of Syntactic Correctness of Input •

CVE-2023-26048 – OutOfMemoryError for large multipart without filename in Eclipse Jetty
https://notcve.org/view.php?id=CVE-2023-26048
18 Apr 2023 — Jetty is a Java-based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may s... • https://github.com/Trinadh465/jetty_9.4.31_CVE-2023-26048 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2023-0100
https://notcve.org/view.php?id=CVE-2023-0100
15 Mar 2023 — In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed retrieving a report from the same host using an absolute HTTP path for the report parameter (e.g. __report=http://xyz.com/report.rptdesign). If the host indicated in the __report parameter matched the HTTP Host header value, the report would be retrieved. However, the Host header can be tampered with on some configurations where no virtual hosts are put in place (e.g. in the default configuration of Apache Tomcat) or when the d... • https://bugs.eclipse.org/bugs/show_bug.cgi?id=580391 • CWE-20: Improper Input Validation •

CVE-2023-24815 – Disclosure of classpath resources on Windows when mounted on a wildcard route in vertx-web
https://notcve.org/view.php?id=CVE-2023-24815
09 Feb 2023 — Vert.x-Web is a set of building blocks for building web applications in the Java programming language. When running vertx web applications that serve files using `StaticHandler` on Windows Operating Systems and Windows File Systems, if the mount point is a wildcard (`*`) then an attacker can exfiltrate any class path resource. When computing the relative path to locate the resource, in case of wildcards, the code: `return "/" + rest;` from `Utils.java` returns the user input (without validation) as the segm... • https://github.com/vert-x3/vertx-web/blob/62c0d66fa1c179ae6a4d57344631679a2b97e60f/vertx-web/src/main/java/io/vertx/ext/web/impl/Utils.java#L83 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2022-2712
https://notcve.org/view.php?id=CVE-2022-2712
27 Jan 2023 — In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a relative path traversal vulnerability because it does not filter request paths starting with './'. Successful exploitation could allow a remote unauthenticated attacker to access critical data, such as configuration files and deployed application source code. • https://bugs.eclipse.org/580502 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2022-36022 – Some Deeplearning4J packages use unclaimed s3 bucket in tests and examples
https://notcve.org/view.php?id=CVE-2022-36022
10 Nov 2022 — Deeplearning4J is a suite of tools for deploying and training deep learning models using the JVM. Packages org.deeplearning4j:dl4j-examples and org.deeplearning4j:platform-tests through version 1.0.0-M2.1 may use some unclaimed S3 buckets in tests in examples. This is likely to affect people who use some older NLP examples that reference an old S3 bucket. The problem has been patched. Users should upgrade to snapshots as Deeplearning4J plans to publish a release with the fix at a later date. • https://github.com/eclipse/deeplearning4j/security/advisories/GHSA-rc39-g977-687w • CWE-330: Use of Insufficiently Random Values CWE-344: Use of Invariant Value in Dynamically Changing Context •

CVE-2022-39368 – Californium Failing DTLS handshakes causes Data Loss due to throttling blocking processing of records
https://notcve.org/view.php?id=CVE-2022-39368
09 Nov 2022 — Eclipse Californium is a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services. In versions prior to 3.7.0, and 2.7.4, Californium is vulnerable to a Denial of Service. Failing handshakes don't clean up counters for throttling, causing the threshold to be reached without being released again. This results in permanently dropping records. The issue was reported for certificate based handshakes, but may also affect PSK based handshakes. • https://github.com/eclipse-californium/californium/commit/5648a0c27c2c2667c98419254557a14bac2b1f3f • CWE-404: Improper Resource Shutdown or Release CWE-459: Incomplete Cleanup •

CVE-2022-3676 – SUSE Security Advisory - SUSE-SU-2022:4250-1
https://notcve.org/view.php?id=CVE-2022-3676
24 Oct 2022 — In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type. An update that fixes 5... • https://github.com/eclipse-openj9/openj9/pull/16122 • CWE-20: Improper Input Validation CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •