Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): jetty
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-28165 |
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame. Published: April 01, 2021; 11:15:14 AM -0400 |
V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2021-28164 |
In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. Published: April 01, 2021; 11:15:14 AM -0400 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2021-28163 |
In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory. Published: April 01, 2021; 11:15:14 AM -0400 |
V3.1: 2.7 LOW V2.0: 4.0 MEDIUM |
CVE-2020-27223 |
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. Published: February 26, 2021; 5:15:19 PM -0500 |
V3.1: 5.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-14359 |
A vulnerability was found in all versions of Keycloak Gatekeeper, where on using lower case HTTP headers (via cURL) an attacker can bypass our Gatekeeper. Lower case headers are also accepted by some webservers (e.g. Jetty). This means there is no protection when we put a Gatekeeper in front of a Jetty server and use lowercase headers. Published: February 23, 2021; 8:15:12 AM -0500 |
V3.1: 7.3 HIGH V2.0: 7.5 HIGH |
CVE-2021-22553 |
Any git operation is passed through Jetty and a session is created. No expiry is set for the session and Jetty does not automatically dispose of the session. Over multiple git actions, this can lead to a heap memory exhaustion for Gerrit servers. We recommend upgrading Gerrit to any of the versions listed above. Published: February 17, 2021; 7:15:12 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2020-27218 |
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request. Published: November 27, 2020; 8:15:11 PM -0500 |
V3.1: 4.8 MEDIUM V2.0: 5.8 MEDIUM |
CVE-2020-27216 |
In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. Published: October 23, 2020; 9:15:16 AM -0400 |
V3.1: 7.0 HIGH V2.0: 4.4 MEDIUM |
CVE-2019-17638 |
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this double release, two threads can acquire the same ByteBuffer from the pool and while thread1 is about to use the ByteBuffer to write response1 data, thread2 fills the ByteBuffer with other data. Thread1 then proceeds to write the buffer that now contains different data. This results in client1, which issued request1 seeing data from another request or response which could contain sensitive data belonging to client2 (HTTP session ids, authentication credentials, etc.). If the Jetty version cannot be upgraded, the vulnerability can be significantly reduced by configuring a responseHeaderSize significantly larger than the requestHeaderSize (12KB responseHeaderSize and 8KB requestHeaderSize). Published: July 09, 2020; 2:15:10 PM -0400 |
V3.1: 9.4 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-17632 |
In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content (in text/html and text/json Content-Type) does not escape Exception messages in stacktraces included in error output. Published: November 25, 2019; 5:15:11 PM -0500 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2009-5046 |
JSP Dump and Session Dump Servlet XSS in jetty before 6.1.22. Published: November 06, 2019; 3:15:09 PM -0500 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2009-5045 |
Dump Servlet information leak in jetty before 6.1.22. Published: November 06, 2019; 3:15:09 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2009-5049 |
WebApp JSP Snoop page XSS in jetty though 6.1.21. Published: November 06, 2019; 2:15:11 PM -0500 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2009-5048 |
Cookie Dump Servlet stored XSS vulnerability in jetty though 6.1.20. Published: November 06, 2019; 2:15:11 PM -0500 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-10104 |
In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration (for Tomcat, Jetty, Resin, or CloudBees) with the default setting allowed a remote attacker to execute code when the configuration is running, because a JMX server listened on all interfaces instead of localhost only. The issue has been fixed in the following versions: 2018.3.4, 2018.2.8, 2018.1.8, and 2017.3.7. Published: July 03, 2019; 3:15:12 PM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-10247 |
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context. Published: April 22, 2019; 4:29:00 PM -0400 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2019-10246 |
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories. Published: April 22, 2019; 4:29:00 PM -0400 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2019-10241 |
In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents. Published: April 22, 2019; 4:29:00 PM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-12545 |
In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory allocations required to handle changed settings. Published: March 27, 2019; 4:29:03 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-1000817 |
Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains a Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in Download .class files and any arbitrary file. This attack appear to be exploitable via Specially crafted GET request containing directory traversal from assets-pipeline context. This vulnerability appears to have been fixed in 2.14.1.1 (for Grails 2.x), 2.15.1 (for Grails 3 and Java 7) and 3.0.6 (for Grails 3 and Java 8). Published: December 20, 2018; 10:29:00 AM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |