Jetty suffers from a vulnerability where certain encoded URIs and ambiguous paths can access protected files in the WEB-INF folder. Versions effected are: 9.4.37.v20210219, 9.4.38.v20210224 and 9.4.37-9.4.42, 10.0.1-10.0.5, 11.0.1-11.0.5. Exploitation can obtain any file in the WEB-INF folder, but web.xml is most likely to have information of value.
8dfcee78eebf17abc7fd9c39192937639d93c646932d8c726dffcbafbedbf39bEclipse Business Intelligence Reporting Tool versions 4.11.0 and below suffer from a bypass vulnerability that allows for remote code execution.
c55f3454bd72ca20861da343024e58d83bdc1baa9d2abb5c622862d863e3cabaRed Hat Security Advisory 2022-0138-06 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.0.0 serves as a replacement for Red Hat AMQ Streams 1.8.4, and includes security and bug fixes, and enhancements. Issues addressed include bypass and code execution vulnerabilities.
2f38e0d8dc7b220ec5d87808989b5228ca3d8752b3d04df31a78da378fe6296aZoom suffers from an information leak vulnerability in the MMR server.
ceaa806e1faea132492fe57be7bbd693988b712326fabb4aec96193d0e3374d0Zoom suffers from a buffer overflow vulnerability related to the processing of chat message.
a6e816c46fce3985cc7b2b11b9e6f3edebe9b65dcbbbf65037027c3d32e954f0Red Hat Security Advisory 2021-3759-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.0. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.
7265806b363eb2f9eb43a9647afb7e380c631bafc4c8c84cefa21d9b1bb6be63Red Hat Security Advisory 2021-3758-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.0. Issues addressed include memory exhaustion and use-after-free vulnerabilities.
30f88c1cf7a576b5db0d89ce77067f102c420b77a57f911c78865ff056d43120Red Hat Security Advisory 2021-3851-01 - Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with Container Images, for Red Hat 3scale API Management 2.11.0. Issues addressed include a cross site scripting vulnerability.
e4888f040246d49c7a7c2e4f31bece8b08efa09009b3ee41382c5876a9bfdbbcRed Hat Security Advisory 2021-3700-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.9.0 serves as a replacement for Red Hat AMQ Broker 7.8.2, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include bypass, denial of service, information leakage, resource exhaustion, and traversal vulnerabilities.
a8a12dcc50fccbe685347bca1c58d45fbfe797cf6ab2e35bef81923f2d3fef9bRed Hat Security Advisory 2021-3225-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.8.0 serves as a replacement for Red Hat AMQ Streams 1.7.0, and includes security and bug fixes, and enhancements. Issues addressed include information leakage, resource exhaustion, and traversal vulnerabilities.
f799cc6edbac4d0b98864f1662ed210d6e06f745c7ff0e79f347ad596baa1447Debian Linux Security Advisory 4949-1 - Multiple vulnerabilities were discovered in Jetty, a Java servlet engine and webserver which could result in cross-site scripting, information disclosure, privilege escalation or denial of service.
36aa94d69a18cbcbfbe8632d49d6587502da2bc7f601b1dddaab1fd811d2bbcd
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed