eclipse
268 tracked vulnerabilities.
CVE-2021-41035
CRITICAL
Eclipse Openj9 <0.29.0 - Info Disclosure
Oct 25, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-41034
HIGH
Eclipse Che 6.0.0-7.0.0 - Unauthenticated MITM Binary Replacement via Unsecured HTTP Endpoint
Sep 29, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-41033
HIGH
Eclipse Equinox <4.21 - Man-In-The-Middle
Sep 13, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-32835
CRITICAL
Eclipse Keti - Post-Authentication Remote Code Execution via Sandbox Escape
Sep 09, 2021
CVSS 9.9
EPSS 0.05
CVE-2021-32834
HIGH
Eclipse Keti - Remote Code Execution via Groovy Script Injection
Sep 09, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-34436
CRITICAL
Eclipse Theia 0.1.1-0.2.0 - Remote Code Execution and XML External Entity Injection via theia-xml-extension
Sep 02, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-34435
HIGH
Eclipse Theia 0.3.9-1.8.1 - Remote Code Execution via Mini-Browser HTML Preview
Sep 01, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-34434
MEDIUM
Eclipse Mosquitto 2.0-2.0.11 - Improper Authorization in Dynamic Security Plugin
Aug 30, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-34433
HIGH
Eclipse Californium <2.6.4 & 3.0.0-M1-M3 - SSL/TLS Verification Bypass
Aug 20, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-34432
HIGH
Eclipse Mosquitto < 2.0.7 - Denial of Service via Zero-Length Topic PUBLISH Packet
Jul 27, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-34431
MEDIUM
Eclipse Mosquitto 1.6-2.0.10 - Authenticated Denial of Service via MQTT v5 CONNECT Message
Jul 22, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-34429
MEDIUM
NUCLEI
Eclipse Jetty 9.4.37-9.4.42, 10.0.1-10.0.5, 11.0.1-11.0.5 - Directory Traversal & Security Bypass via Encoded URI
Jul 15, 2021
CVSS 5.3
EPSS 0.99
CVE-2021-34430
HIGH
Eclipse TinyDTLS through 0.9-rc1 - Inadequate Encryption Strength via C Library rand Function
Jul 08, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-34427
CRITICAL
NUCLEI
Eclipse BIRT < 4.8.0 - Remote Code Execution via JSP File Upload
Jun 25, 2021
CVSS 9.8
EPSS 0.58
CVE-2021-34428
LOW
Eclipse Jetty <= 9.4.40 - Insufficient Session Expiration via SessionListener Exception
Jun 22, 2021
CVSS 2.9
EPSS 0.01
CVE-2021-28169
MEDIUM
NUCLEI
Eclipse Jetty ConcatServlet - Information Disclosure
Jun 09, 2021
CVSS 5.3
EPSS 0.78
CVE-2021-28170
MEDIUM
Jakarta Expression Language <3.0.3 - Info Disclosure
May 26, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-28168
MEDIUM
Eclipse Jersey 2.28-2.33 & 3.0.0-3.0.1 - Info Disclosure
Apr 22, 2021
CVSS 6.2
EPSS 0.01
CVE-2021-28167
MEDIUM
Eclipse Openj9 <0.25.0 - Info Disclosure
Apr 21, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-28166
MEDIUM
Eclipse Mosquitto <2.0.10 - Use After Free
Apr 07, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-28165
HIGH
Eclipse Jetty 7.2.2-9.4.38, 10.0.0.alpha0-10.0.1, 11.0.0.alpha0-11.0.1 - Denial of Service via Invalid TLS Frame
Apr 01, 2021
CVSS 7.5
EPSS 0.54
CVE-2021-28164
MEDIUM
NUCLEI
Eclipse Jetty - Information Disclosure
Apr 01, 2021
CVSS 5.3
EPSS 0.82
CVE-2021-28163
LOW
NetApp Cloud Manager - Exposure of Sensitive Information via Symlink Webapps Directory
Apr 01, 2021
CVSS 2.7
EPSS 0.04
CVE-2021-28162
MEDIUM
Eclipse Theia <= 0.16.0 - Stored Cross-Site Scripting in Notification Messages
Mar 12, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-28161
MEDIUM
Eclipse Theia <= 1.8.0 - Stored Cross-Site Scripting in Debug Console
Mar 12, 2021
CVSS 6.1
EPSS 0.01
Products
jetty 47
mosquitto 26
openj9 21
threadx_netx_duo 21
threadx_usbx 15
glassfish 12
theia 11
vert.x 10
omr 6
threadx 6
kura 5
californium 4
che 4
cyclone_data_distribution_service 4
open_vsx 4
business_intelligence_and_reporting_tools 3
eclipse_ide 3
jgit 3
memory_analyzer 3
mojarra 3
vert.x-web 3
cyclonedds 2
eclipse_dataspace_components 2
hawkbit 2
hono 2
jersey 2
keti 2
lemminx 2
openmq 2
parsson 2
Quick Filters