eclipse

268 tracked vulnerabilities.

CVE-2021-41035 CRITICAL
Eclipse Openj9 <0.29.0 - Info Disclosure
Oct 25, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-41034 HIGH
Eclipse Che 6.0.0-7.0.0 - Unauthenticated MITM Binary Replacement via Unsecured HTTP Endpoint
Sep 29, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-41033 HIGH
Eclipse Equinox <4.21 - Man-In-The-Middle
Sep 13, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-32835 CRITICAL
Eclipse Keti - Post-Authentication Remote Code Execution via Sandbox Escape
Sep 09, 2021
CVSS 9.9
EPSS 0.05
CVE-2021-32834 HIGH
Eclipse Keti - Remote Code Execution via Groovy Script Injection
Sep 09, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-34436 CRITICAL
Eclipse Theia 0.1.1-0.2.0 - Remote Code Execution and XML External Entity Injection via theia-xml-extension
Sep 02, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-34435 HIGH
Eclipse Theia 0.3.9-1.8.1 - Remote Code Execution via Mini-Browser HTML Preview
Sep 01, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-34434 MEDIUM
Eclipse Mosquitto 2.0-2.0.11 - Improper Authorization in Dynamic Security Plugin
Aug 30, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-34433 HIGH
Eclipse Californium <2.6.4 & 3.0.0-M1-M3 - SSL/TLS Verification Bypass
Aug 20, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-34432 HIGH
Eclipse Mosquitto < 2.0.7 - Denial of Service via Zero-Length Topic PUBLISH Packet
Jul 27, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-34431 MEDIUM
Eclipse Mosquitto 1.6-2.0.10 - Authenticated Denial of Service via MQTT v5 CONNECT Message
Jul 22, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-34429 MEDIUM NUCLEI
Eclipse Jetty 9.4.37-9.4.42, 10.0.1-10.0.5, 11.0.1-11.0.5 - Directory Traversal & Security Bypass via Encoded URI
Jul 15, 2021
CVSS 5.3
EPSS 0.99
CVE-2021-34430 HIGH
Eclipse TinyDTLS through 0.9-rc1 - Inadequate Encryption Strength via C Library rand Function
Jul 08, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-34427 CRITICAL NUCLEI
Eclipse BIRT < 4.8.0 - Remote Code Execution via JSP File Upload
Jun 25, 2021
CVSS 9.8
EPSS 0.58
CVE-2021-34428 LOW
Eclipse Jetty <= 9.4.40 - Insufficient Session Expiration via SessionListener Exception
Jun 22, 2021
CVSS 2.9
EPSS 0.01
CVE-2021-28169 MEDIUM NUCLEI
Eclipse Jetty ConcatServlet - Information Disclosure
Jun 09, 2021
CVSS 5.3
EPSS 0.78
CVE-2021-28170 MEDIUM
Jakarta Expression Language <3.0.3 - Info Disclosure
May 26, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-28168 MEDIUM
Eclipse Jersey 2.28-2.33 & 3.0.0-3.0.1 - Info Disclosure
Apr 22, 2021
CVSS 6.2
EPSS 0.01
CVE-2021-28167 MEDIUM
Eclipse Openj9 <0.25.0 - Info Disclosure
Apr 21, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-28166 MEDIUM
Eclipse Mosquitto <2.0.10 - Use After Free
Apr 07, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-28165 HIGH
Eclipse Jetty 7.2.2-9.4.38, 10.0.0.alpha0-10.0.1, 11.0.0.alpha0-11.0.1 - Denial of Service via Invalid TLS Frame
Apr 01, 2021
CVSS 7.5
EPSS 0.54
CVE-2021-28164 MEDIUM NUCLEI
Eclipse Jetty - Information Disclosure
Apr 01, 2021
CVSS 5.3
EPSS 0.82
CVE-2021-28163 LOW
NetApp Cloud Manager - Exposure of Sensitive Information via Symlink Webapps Directory
Apr 01, 2021
CVSS 2.7
EPSS 0.04
CVE-2021-28162 MEDIUM
Eclipse Theia <= 0.16.0 - Stored Cross-Site Scripting in Notification Messages
Mar 12, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-28161 MEDIUM
Eclipse Theia <= 1.8.0 - Stored Cross-Site Scripting in Debug Console
Mar 12, 2021
CVSS 6.1
EPSS 0.01