Vulnerabilities > Eclipse

DATE CVE VULNERABILITY TITLE RISK
2023-09-15 CVE-2023-40167 Jetty is a Java based web server and servlet engine.
network
low complexity
eclipse debian
5.3
2023-09-15 CVE-2023-36479 Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project.
network
low complexity
eclipse debian
4.3
2023-09-12 CVE-2023-4759 Improper Handling of Case Sensitivity vulnerability in Eclipse Jgit
Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem, or when a checkout from a clone of such a repository is performed on a case-insensitive filesystem. This can happen on checkout (DirCacheCheckout), merge (ResolveMerger via its WorkingTreeUpdater), pull (PullCommand using merge), and when applying a patch (PatchApplier).
network
low complexity
eclipse CWE-178
8.8
2023-09-01 CVE-2023-28366 Memory Leak vulnerability in Eclipse Mosquitto
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands.
network
low complexity
eclipse CWE-401
7.5
2023-08-31 CVE-2023-41034 Unspecified vulnerability in Eclipse Leshan
Eclipse Leshan is a device management server and client Java implementation.
network
low complexity
eclipse
critical
9.8
2023-05-22 CVE-2023-2597 Out-of-bounds Read vulnerability in Eclipse Openj9
In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer.
network
low complexity
eclipse CWE-125
critical
9.1
2023-05-12 CVE-2023-32081 Unspecified vulnerability in Eclipse Vert.X Stomp
Vert.x STOMP is a vert.x implementation of the STOMP specification that provides a STOMP server and client.
network
low complexity
eclipse
6.5
2023-04-18 CVE-2023-26048 Unspecified vulnerability in Eclipse Jetty
Jetty is a java based web server and servlet engine.
network
low complexity
eclipse
5.3
2023-04-18 CVE-2023-26049 Jetty is a java based web server and servlet engine.
network
low complexity
eclipse debian netapp
5.3
2023-03-15 CVE-2023-0100 Unspecified vulnerability in Eclipse Business Intelligence and Reporting Tools
In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter (e.g.
network
low complexity
eclipse
8.8