Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
CVE-2021-28169 vulnerabilities and exploits
(subscribe to this query)
446
VMScore
CVE-2021-28169
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the we...
Eclipse Jetty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Rest Data Services
Oracle Communications Cloud Native Core Policy 1.14.0
Netapp Snap Creator Framework -
Netapp Hci -
Netapp Active Iq Unified Manager -
Netapp Management Services For Element Software -
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started