Filtered by vendor Eclipse
Subscribe
Total
141 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-27221 | 1 Eclipse | 1 Openj9 | 2021-03-02 | 7.5 HIGH | 9.8 CRITICAL |
In Eclipse OpenJ9 up to and including version 0.23, there is potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding. | |||||
CVE-2020-27222 | 1 Eclipse | 1 Californium | 2021-02-09 | 5.0 MEDIUM | 7.5 HIGH |
In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong internal state is set by a previous certificate based DTLS handshake failure with TLS parameter mismatch. The DTLS server side must be restarted to recover this. This allow clients to force a DoS. | |||||
CVE-2020-35217 | 1 Eclipse | 1 Vert.x-web | 2021-02-02 | 6.8 MEDIUM | 8.8 HIGH |
Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSRF verification. Instead of comparing the CSRF token in the request with the CSRF token in the cookie, it compares the CSRF token in the cookie against a CSRF token that is stored in the session. An attacker does not even need to provide a CSRF token in the request because the framework does not consider it. The cookies are automatically sent by the browser and the verification will always succeed, leading to a successful CSRF attack. | |||||
CVE-2020-27220 | 1 Eclipse | 1 Hono | 2021-01-22 | 9.0 HIGH | 8.8 HIGH |
The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. The missing check involves verifying that the command target device is configured giving permission for the gateway device to act on its behalf. This means an authenticated device of a certain tenant, notably also a non-gateway device acting like a gateway, may receive command & control messages targeted at a different device of the same tenant without corresponding permissions getting checked. | |||||
CVE-2020-27219 | 1 Eclipse | 1 Hawkbit | 2021-01-21 | 4.3 MEDIUM | 6.1 MEDIUM |
In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non existing resource will return the full path from the given URL unescaped to the client. | |||||
CVE-2020-14368 | 1 Eclipse | 1 Che | 2021-01-04 | 4.6 MEDIUM | 7.1 HIGH |
A flaw was found in Eclipse Che in versions prior to 7.14.0 that impacts CodeReady Workspaces. When configured with cookies authentication, Theia IDE doesn't properly set the SameSite value, allowing a Cross-Site Request Forgery (CSRF) and consequently allowing a cross-site WebSocket hijack on Theia IDE. This flaw allows an attacker to gain full access to the victim's workspace through the /services endpoint. To perform a successful attack, the attacker conducts a Man-in-the-middle attack (MITM) and tricks the victim into executing a request via an untrusted link, which performs the CSRF and the Socket hijack. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
CVE-2019-11776 | 1 Eclipse | 1 Business Intelligence And Reporting Tools | 2020-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's browser context. | |||||
CVE-2018-12542 | 2 Eclipse, Microsoft | 2 Vert.x, Windows | 2020-12-15 | 7.5 HIGH | 9.8 CRITICAL |
In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\' (forward slashes) sequences that can resolve to a location that is outside of that directory when running on Windows Operating Systems. | |||||
CVE-2018-12544 | 1 Eclipse | 1 Vert.x | 2020-12-15 | 7.5 HIGH | 9.8 CRITICAL |
In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML type validator creates XML parsers without taking appropriate defense against XML attacks. This mechanism is exclusively when the developer uses the Eclipse Vert.x OpenAPI XML type validator to validate a provided schema. | |||||
CVE-2020-27217 | 1 Eclipse | 1 Hono | 2020-12-01 | 5.0 MEDIUM | 7.5 HIGH |
In Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP messages received from devices. In particular, a device may send messages that are bigger than the max-message-size that the protocol adapter has indicated during link establishment. While the AMQP 1.0 protocol explicitly disallows a peer to send such messages, a hand crafted AMQP 1.0 client could exploit this behavior in order to send a message of unlimited size to the adapter, eventually causing the adapter to fail with an out of memory exception. | |||||
CVE-2018-12545 | 2 Eclipse, Fedoraproject | 2 Jetty, Fedora | 2020-10-23 | 5.0 MEDIUM | 7.5 HIGH |
In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory allocations required to handle changed settings. | |||||
CVE-2016-4800 | 2 Eclipse, Microsoft | 2 Jetty, Windows | 2020-10-20 | 7.5 HIGH | 9.8 CRITICAL |
The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x before 9.3.9 on Windows allows remote attackers to bypass protected resource restrictions and other security constraints via a URL with certain escaped characters, related to backslashes. | |||||
CVE-2018-12538 | 2 Eclipse, Netapp | 12 Jetty, E-series Santricity Management Plug-ins, E-series Santricity Os Controller and 9 more | 2020-10-20 | 6.5 MEDIUM | 8.8 HIGH |
In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore. | |||||
CVE-2019-17631 | 2 Eclipse, Redhat | 7 Openj9, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2020-10-16 | 6.4 MEDIUM | 9.1 CRITICAL |
From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks. | |||||
CVE-2019-11775 | 2 Eclipse, Redhat | 5 Openj9, Enterprise Linux Desktop, Enterprise Linux Server and 2 more | 2020-10-08 | 5.8 MEDIUM | 7.4 HIGH |
All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the modified copy of the loop allowing the test to see one value of the field and subsequently the loop to see a modified field value without retesting the condition moved out of the loop. This can lead to a variety of different issues but read out of array bounds is one major consequence of these problems. | |||||
CVE-2019-11777 | 1 Eclipse | 1 Paho Java Client | 2020-10-06 | 5.0 MEDIUM | 7.5 HIGH |
In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. This could allow one MQTT server to impersonate another and provide the client library with incorrect information. | |||||
CVE-2019-10249 | 1 Eclipse | 2 Xtend, Xtext | 2020-10-02 | 6.8 MEDIUM | 8.1 HIGH |
All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised. | |||||
CVE-2018-12540 | 1 Eclipse | 1 Vert.x | 2020-09-08 | 6.8 MEDIUM | 8.8 HIGH |
In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet. | |||||
CVE-2018-12546 | 1 Eclipse | 1 Mosquitto | 2020-08-28 | 4.0 MEDIUM | 6.5 MEDIUM |
In Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) when a client publishes a retained message to a topic, then has its access to that topic revoked, the retained message will still be published to clients that subscribe to that topic in the future. In some applications this may result in clients being able cause effects that would otherwise not be allowed. | |||||
CVE-2019-9004 | 1 Eclipse | 1 Wakaama | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
In Eclipse Wakaama (formerly liblwm2m) 1.0, core/er-coap-13/er-coap-13.c in lwm2mserver in the LWM2M server mishandles invalid options, leading to a memory leak. Processing of a single crafted packet leads to leaking (wasting) 24 bytes of memory. This can lead to termination of the LWM2M server after exhausting all available memory. |