Vulnerabilities > Eclipse

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-13	CVE-2016-4800	Improper Access Control vulnerability in Eclipse Jetty The path normalization mechanism in PathResource class in Eclipse Jetty 9.3.x before 9.3.9 on Windows allows remote attackers to bypass protected resource restrictions and other security constraints via a URL with certain escaped characters, related to backslashes. network low complexity eclipse CWE-284 critical	9.8
2017-03-24	CVE-2017-7243	NULL Pointer Dereference vulnerability in Eclipse Tinydtls 0.8.2 Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake. network low complexity eclipse CWE-476	7.5
2016-10-07	CVE-2015-2080	Information Exposure vulnerability in multiple products The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak. network low complexity fedoraproject eclipse CWE-200	7.5

Vulnerabilities > Eclipse {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Eclipse"}]}