Multiple security vulnerabilities were found in Jetty, a Java based web server
and servlet engine
The orgeclipsejettyservletsCGI class has been deprecated It is potentially
unsafe to use it The upstream developers of Jetty recommend to use Fast CGI
instead See also CVE-2023-36479
CVE-2023-26048
In affected versions servlets with multi ...
Synopsis
Moderate: Red Hat Integration Camel for Spring Boot 400 release and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Integration Camel for Spring Boot 400 release and security update is now available Red Hat Product Security has rated this update as having an impact of Moderate A Common Vulnerability Scor ...
Synopsis
Important: Red Hat AMQ Streams 260 release and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat AMQ Streams 260 is now available from the Red Hat Customer PortalRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis
Critical: Red Hat Fuse 7121 release and security update
Type/Severity
Security Advisory: Critical
Topic
A minor version update (from 712 to 7121) is now available for Red Hat Fuse The purpose of this text-only errata is to inform you about the security issues fixed in this releaseRed Hat Product Security has rated this update ...
Synopsis
Important: Red Hat Integration Camel Extensions for Quarkus 2133 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat Integration Camel Extensions for Quarkus 2133 release and security update is now available (updates to RHBQ 2138SP3)Red Hat Product Security has rated this update as having an impact of Imp ...
Synopsis
Important: Red Hat AMQ Broker 7113 release and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat AMQ Broker 7113 is now available from the Red Hat Customer PortalRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
概述
Moderate: AMQ Clients 2023Q4
类型/严重性
Security Advisory: Moderate
标题
An update is now available for Red Hat AMQ ClientsRed Hat Product Security has rated this update as having an impact ofModerateA Common Vulnerability Scoring System (CVSS) base score, which gives a detailedseverity rating, is available for each vulnerabi ...
Synopsis
Important: Jenkins and Jenkins-2-plugins security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...
Jetty is a Java based web server and servlet engine Prior to versions 9452, 10016, 11016, and 1201, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header field This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses There is no known exploit sc ...
Description<!---->A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responsesA flaw was found in Jetty t ...