eclipse

260 tracked vulnerabilities.

CVE-2021-34433 HIGH
Eclipse Californium <2.6.4 & 3.0.0-M1-M3 - SSL/TLS Verification Bypass
Aug 20, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-34432 HIGH
Eclipse Mosquitto < 2.0.7 - Denial of Service via Zero-Length Topic PUBLISH Packet
Jul 27, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-34431 MEDIUM
Eclipse Mosquitto 1.6-2.0.10 - Authenticated Denial of Service via MQTT v5 CONNECT Message
Jul 22, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-34429 MEDIUM NUCLEI
Eclipse Jetty 9.4.37-9.4.42, 10.0.1-10.0.5, 11.0.1-11.0.5 - Directory Traversal & Security Bypass via Encoded URI
Jul 15, 2021
CVSS 5.3
EPSS 0.94
CVE-2021-34430 HIGH
Eclipse TinyDTLS through 0.9-rc1 - Inadequate Encryption Strength via C Library rand Function
Jul 08, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-34427 CRITICAL NUCLEI
Eclipse BIRT < 4.8.0 - Remote Code Execution via JSP File Upload
Jun 25, 2021
CVSS 9.8
EPSS 0.67
CVE-2021-34428 LOW
Eclipse Jetty <= 9.4.40 - Insufficient Session Expiration via SessionListener Exception
Jun 22, 2021
CVSS 2.9
EPSS 0.00
CVE-2021-28169 MEDIUM NUCLEI
Eclipse Jetty ConcatServlet - Information Disclosure
Jun 09, 2021
CVSS 5.3
EPSS 0.90
CVE-2021-28170 MEDIUM
Jakarta Expression Language <3.0.3 - Info Disclosure
May 26, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-28168 MEDIUM
Eclipse Jersey 2.28-2.33 & 3.0.0-3.0.1 - Info Disclosure
Apr 22, 2021
CVSS 6.2
EPSS 0.00
CVE-2021-28167 MEDIUM
Eclipse Openj9 <0.25.0 - Info Disclosure
Apr 21, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-28166 MEDIUM
Eclipse Mosquitto <2.0.10 - Use After Free
Apr 07, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-28165 HIGH
Eclipse Jetty 7.2.2-9.4.38, 10.0.0.alpha0-10.0.1, 11.0.0.alpha0-11.0.1 - Denial of Service via Invalid TLS Frame
Apr 01, 2021
CVSS 7.5
EPSS 0.14
CVE-2021-28164 MEDIUM NUCLEI
Eclipse Jetty - Information Disclosure
Apr 01, 2021
CVSS 5.3
EPSS 0.93
CVE-2021-28163 LOW
NetApp Cloud Manager - Exposure of Sensitive Information via Symlink Webapps Directory
Apr 01, 2021
CVSS 2.7
EPSS 0.00
CVE-2021-28162 MEDIUM
Eclipse Theia <= 0.16.0 - Stored Cross-Site Scripting in Notification Messages
Mar 12, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-28161 MEDIUM
Eclipse Theia <= 1.8.0 - Stored Cross-Site Scripting in Debug Console
Mar 12, 2021
CVSS 6.1
EPSS 0.00
CVE-2020-18735 HIGH
Eclipse IOT Cyclone DDS Project <0.1.0 - Buffer Overflow
Aug 23, 2021
CVSS 7.5
EPSS 0.01
CVE-2020-18734 HIGH
Eclipse IOT Cyclone DDS Project <0.1.0 - Buffer Overflow
Aug 23, 2021
CVSS 7.5
EPSS 0.01
CVE-2020-6950 MEDIUM NUCLEI
Eclipse Mojarra < 2.3.14 - Path Traversal via loc or con Parameter
Jun 02, 2021
CVSS 6.5
EPSS 0.52
CVE-2020-27225 HIGH
Eclipse Platform <4.18 - Info Disclosure
Mar 09, 2021
CVSS 7.8
EPSS 0.00
CVE-2020-27223 MEDIUM
Eclipse Jetty 9.4.6-9.4.36, 10.0.0, 11.0.0 - Denial of Service via Multiple Accept Headers with Quality Parameters
Feb 26, 2021
CVSS 5.2
EPSS 0.28
CVE-2020-27224 CRITICAL
Eclipse Theia <= 1.2.0 - Remote Code Execution via Markdown Preview
Feb 24, 2021
CVSS 9.6
EPSS 0.01
CVE-2020-27222 HIGH
Eclipse Californium 2.3.0-2.6.0 - Denial of Service via DTLS Handshake State Mismatch
Feb 03, 2021
CVSS 7.5
EPSS 0.00
CVE-2020-27221 CRITICAL
Eclipse OpenJ9 <0.23 - Buffer Overflow
Jan 21, 2021
CVSS 9.8
EPSS 0.01
Products
jetty 47 mosquitto 26 openj9 21 threadx_netx_duo 20 threadx_usbx 15 glassfish 12 vert.x 10 theia 7 omr 6 threadx 6 kura 5 californium 4 che 4 cyclone_data_distribution_service 4 business_intelligence_and_reporting_tools 3 eclipse_ide 3 jgit 3 memory_analyzer 3 mojarra 3 vert.x-web 3 cyclonedds 2 eclipse_dataspace_components 2 hawkbit 2 hono 2 jersey 2 keti 2 lemminx 2 open_vsx 2 openmq 2 parsson 2
Quick Filters
Critical CVEs With Exploits In CISA KEV