eclipse

260 tracked vulnerabilities.

CVE-2022-2576 HIGH
Eclipse Californium 2.0.0-2.7.2 and 3.0.0-3.5.0 - Denial of Service via DTLS Resumption Handshake Fallback
Jul 29, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-2191 HIGH
Eclipse Jetty <11.0.9 - Memory Corruption
Jul 07, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-2048 HIGH
Eclipse Jetty < 9.4.47 - Denial of Service via HTTP/2 Request Error Handling
Jul 07, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-2047 LOW
Eclipse Jetty 9.4.0-9.4.46, 10.0.0-10.0.9, 11.0.0-11.0.9 - Improper Input Validation in HttpURI Authority Parsing
Jul 07, 2022
CVSS 2.7
EPSS 0.01
CVE-2022-29246 CRITICAL
Azure RTOS USBX <6.1.11 - Buffer Overflow
May 24, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-29223 HIGH
Azure RTOS USBX <6.1.10 - Buffer Overflow
May 24, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-0673 MEDIUM
LemMinX < 0.19.0 - Path Traversal via External Schema File Cache Poisoning
Feb 18, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-0672 MEDIUM
LemMinX < 0.19.0 - Exposure of Sensitive Information via Insecure Redirect
Feb 18, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-41037 CRITICAL
Eclipse Equinox p2 - Untrusted Installable Unit Execution via Touchpoint Configuration
Jul 08, 2022
CVSS 10.0
EPSS 0.01
CVE-2021-41042 MEDIUM
Eclipse Lyo 1.0.0-4.1.0 - XML External Entity Injection via RDF/XML TransformerFactory
Jul 07, 2022
CVSS 5.3
EPSS 0.00
CVE-2021-38443 MEDIUM
Eclipse CycloneDDS <0.8.0 - Info Disclosure
May 05, 2022
CVSS 6.6
EPSS 0.00
CVE-2021-38441 MEDIUM
Eclipse CycloneDDS <0.8.0 - Memory Corruption
May 05, 2022
CVSS 6.6
EPSS 0.00
CVE-2021-41041 MEDIUM
Eclipse Openj9 <0.32.0 - Code Injection
Apr 27, 2022
CVSS 5.3
EPSS 0.00
CVE-2021-41040 HIGH
Eclipse Wakaama - Out-of-bounds Read in CoAP Parser
Feb 01, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-41039 HIGH
Eclipse Mosquitto 1.6-2.0.11 - Denial of Service via MQTT v5 User-Property Flood
Dec 01, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-41038 MEDIUM
Eclipse Theia < 1.18.0 - Webview Content Hijacking via postMessage
Nov 10, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-41036 CRITICAL
Eclipse Paho MQTT C Client <1.1 - Info Disclosure
Nov 03, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-41035 CRITICAL
Eclipse Openj9 <0.29.0 - Info Disclosure
Oct 25, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-41034 HIGH
Eclipse Che 6.0.0-7.0.0 - Unauthenticated MITM Binary Replacement via Unsecured HTTP Endpoint
Sep 29, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-41033 HIGH
Eclipse Equinox <4.21 - Man-In-The-Middle
Sep 13, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-32835 CRITICAL
Eclipse Keti - Post-Authentication Remote Code Execution via Sandbox Escape
Sep 09, 2021
CVSS 9.9
EPSS 0.03
CVE-2021-32834 HIGH
Eclipse Keti - Remote Code Execution via Groovy Script Injection
Sep 09, 2021
CVSS 8.2
EPSS 0.00
CVE-2021-34436 CRITICAL
Eclipse Theia 0.1.1-0.2.0 - Remote Code Execution and XML External Entity Injection via theia-xml-extension
Sep 02, 2021
CVSS 9.8
EPSS 0.04
CVE-2021-34435 HIGH
Eclipse Theia 0.3.9-1.8.1 - Remote Code Execution via Mini-Browser HTML Preview
Sep 01, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-34434 MEDIUM
Eclipse Mosquitto 2.0-2.0.11 - Improper Authorization in Dynamic Security Plugin
Aug 30, 2021
CVSS 5.3
EPSS 0.00
Products
jetty 47 mosquitto 26 openj9 21 threadx_netx_duo 20 threadx_usbx 15 glassfish 12 vert.x 10 theia 7 omr 6 threadx 6 kura 5 californium 4 che 4 cyclone_data_distribution_service 4 business_intelligence_and_reporting_tools 3 eclipse_ide 3 jgit 3 memory_analyzer 3 mojarra 3 vert.x-web 3 cyclonedds 2 eclipse_dataspace_components 2 hawkbit 2 hono 2 jersey 2 keti 2 lemminx 2 open_vsx 2 openmq 2 parsson 2
Quick Filters
Critical CVEs With Exploits In CISA KEV