Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eclipse jetty 9.3.3 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2016-4800
The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x prior to 9.3.9 on Windows allows remote malicious users to bypass protected resource restrictions and other security constraints via a URL with certain escaped characters, related to backslashes.
Eclipse Jetty 9.3.0
Eclipse Jetty 9.3.1
Eclipse Jetty 9.3.2
Eclipse Jetty 9.3.3
Eclipse Jetty 9.3.4
Eclipse Jetty 9.3.5
Eclipse Jetty 9.3.6
Eclipse Jetty 9.3.7
Eclipse Jetty 9.3.8
1 Github repository
445
VMScore
CVE-2018-12545
In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory al...
Eclipse Jetty 9.3.0
Eclipse Jetty 9.3.4
Eclipse Jetty 9.3.7
Eclipse Jetty 9.3.8
Eclipse Jetty 9.3.1
Eclipse Jetty 9.3.2
Eclipse Jetty 9.3.3
Eclipse Jetty 9.3.5
Eclipse Jetty 9.3.6
Eclipse Jetty 9.3.9
Eclipse Jetty 9.3.10
Eclipse Jetty 9.3.11
Eclipse Jetty 9.3.12
Eclipse Jetty 9.3.13
Eclipse Jetty 9.3.14
Eclipse Jetty 9.3.15
Eclipse Jetty 9.3.16
Eclipse Jetty 9.3.17
Eclipse Jetty 9.3.18
Eclipse Jetty 9.3.19
Eclipse Jetty 9.3.20
Eclipse Jetty 9.3.21
384
VMScore
CVE-2019-10241
In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory cont...
Eclipse Jetty 9.3.0
Eclipse Jetty 9.3.4
Eclipse Jetty 9.3.7
Eclipse Jetty 9.3.8
Eclipse Jetty 9.3.1
Eclipse Jetty 9.3.2
Eclipse Jetty 9.3.3
Eclipse Jetty 9.3.5
Eclipse Jetty 9.3.6
Eclipse Jetty 9.3.9
Eclipse Jetty 9.3.10
Eclipse Jetty 9.3.11
Eclipse Jetty 9.3.12
Eclipse Jetty 9.3.13
Eclipse Jetty 9.3.14
Eclipse Jetty 9.3.15
Eclipse Jetty 9.3.16
Eclipse Jetty 9.3.17
Eclipse Jetty 9.3.18
Eclipse Jetty 9.3.19
Eclipse Jetty 9.3.20
Eclipse Jetty 9.3.21
446
VMScore
CVE-2019-10247
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Con...
Eclipse Jetty 9.3.0
Eclipse Jetty 9.3.4
Eclipse Jetty 9.3.7
Eclipse Jetty 9.3.8
Eclipse Jetty 9.3.1
Eclipse Jetty 9.3.2
Eclipse Jetty 9.3.3
Eclipse Jetty 9.3.5
Eclipse Jetty 9.3.6
Eclipse Jetty 9.3.9
Eclipse Jetty 9.3.10
Eclipse Jetty 9.3.11
Eclipse Jetty 9.3.12
Eclipse Jetty 9.3.13
Eclipse Jetty 9.3.14
Eclipse Jetty 9.3.15
Eclipse Jetty 9.3.16
Eclipse Jetty 9.3.17
Eclipse Jetty 9.3.18
Eclipse Jetty 9.3.19
Eclipse Jetty 9.3.20
Eclipse Jetty 9.3.21
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started