Search
Total
17 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-11784 | 6 Apache, Canonical, Debian and 3 more | 15 Tomcat, Ubuntu Linux, Debian Linux and 12 more | 2023-12-08 | 4.3 MEDIUM | 4.3 MEDIUM |
| When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. | |||||
| CVE-2016-0762 | 6 Apache, Canonical, Debian and 3 more | 15 Tomcat, Ubuntu Linux, Debian Linux and 12 more | 2023-12-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder. | |||||
| CVE-2016-6794 | 6 Apache, Canonical, Debian and 3 more | 14 Tomcat, Ubuntu Linux, Debian Linux and 11 more | 2023-12-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible. | |||||
| CVE-2020-11022 | 8 Debian, Drupal, Fedoraproject and 5 more | 78 Debian Linux, Drupal, Fedora and 75 more | 2022-07-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. | |||||
| CVE-2021-34429 | 3 Eclipse, Netapp, Oracle | 14 Jetty, E-series Santricity Os Controller, E-series Santricity Web Services and 11 more | 2022-07-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5. | |||||
| CVE-2020-11023 | 7 Debian, Drupal, Fedoraproject and 4 more | 54 Debian Linux, Drupal, Fedora and 51 more | 2022-07-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. | |||||
| CVE-2021-42550 | 3 Netapp, Qos, Redhat | 5 Cloud Manager, Service Level Manager, Snap Creator Framework and 2 more | 2022-07-22 | 8.5 HIGH | 6.6 MEDIUM |
| In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers. | |||||
| CVE-2020-5421 | 3 Netapp, Oracle, Vmware | 38 Oncommand Insight, Snap Creator Framework, Snapcenter and 35 more | 2022-06-23 | 3.6 LOW | 6.5 MEDIUM |
| In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter. | |||||
| CVE-2020-27218 | 4 Apache, Eclipse, Netapp and 1 more | 16 Kafka, Spark, Jetty and 13 more | 2022-05-12 | 5.8 MEDIUM | 4.8 MEDIUM |
| In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request. | |||||
| CVE-2020-13954 | 3 Apache, Netapp, Oracle | 6 Cxf, Snap Creator Framework, Vasa Provider For Clustered Data Ontap and 3 more | 2022-05-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This vulnerability affects all versions of Apache CXF prior to 3.4.1 and 3.3.8. Please note that this is a separate issue to CVE-2019-17573. | |||||
| CVE-2021-28169 | 4 Debian, Eclipse, Netapp and 1 more | 8 Debian Linux, Jetty, Active Iq Unified Manager and 5 more | 2022-05-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. | |||||
| CVE-2021-22096 | 3 Netapp, Oracle, Vmware | 8 Active Iq Unified Manager, Management Services For Element Software And Netapp Hci, Metrocluster Tiebreaker and 5 more | 2022-04-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. | |||||
| CVE-2020-27223 | 5 Apache, Debian, Eclipse and 2 more | 16 Nifi, Solr, Spark and 13 more | 2021-09-16 | 4.3 MEDIUM | 5.3 MEDIUM |
| In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. | |||||
| CVE-2019-10247 | 3 Eclipse, Netapp, Oracle | 24 Jetty, Element, Oncommand System Manager and 21 more | 2021-08-05 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. The default server behavior on jetty-distribution and jetty-home will include at the end of the Handler tree a DefaultHandler, which is responsible for reporting this 404 error, it presents the various configured contexts as HTML for users to click through to. This produced HTML includes output that contains the configured fully qualified directory base resource location for each context. | |||||
| CVE-2019-10246 | 4 Eclipse, Microsoft, Netapp and 1 more | 26 Jetty, Windows, Element and 23 more | 2021-06-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories. | |||||
| CVE-2016-5710 | 1 Netapp | 1 Snap Creator Framework | 2020-02-13 | 3.5 LOW | 4.6 MEDIUM |
| NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. | |||||
| CVE-2016-5372 | 1 Netapp | 1 Snap Creator Framework | 2017-11-16 | 6.8 MEDIUM | 6.3 MEDIUM |
| Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. | |||||