Vulnerabilities > Eclipse
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-18 | CVE-2023-26048 | Unspecified vulnerability in Eclipse Jetty Jetty is a java based web server and servlet engine. | 5.3 |
| 2023-04-18 | CVE-2023-26049 | Jetty is a java based web server and servlet engine. | 5.3 |
| 2023-03-15 | CVE-2023-0100 | Unspecified vulnerability in Eclipse Business Intelligence and Reporting Tools In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter (e.g. | 8.8 |
| 2023-02-09 | CVE-2023-24815 | Unspecified vulnerability in Eclipse Vert.X-Web Vert.x-Web is a set of building blocks for building web applications in the java programming language. | 5.3 |
| 2023-01-27 | CVE-2022-2712 | Path Traversal vulnerability in Eclipse Glassfish 5.1.0/6.0.0/6.2.5 In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. | 7.5 |
| 2022-11-10 | CVE-2022-36022 | Use of Insufficiently Random Values vulnerability in Eclipse Deeplearning4J Deeplearning4J is a suite of tools for deploying and training deep learning models using the JVM. | 5.3 |
| 2022-11-10 | CVE-2022-39368 | Incomplete Cleanup vulnerability in Eclipse Californium Eclipse Californium is a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services. | 8.2 |
| 2022-10-24 | CVE-2022-3676 | Type Confusion vulnerability in Eclipse Openj9 In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. | 6.5 |
| 2022-09-08 | CVE-2022-25897 | Allocation of Resources Without Limits or Throttling vulnerability in Eclipse Milo The package org.eclipse.milo:sdk-server before 0.6.8 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False. | 7.5 |
| 2022-08-16 | CVE-2022-2838 | XXE vulnerability in Eclipse Sphinx In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests. | 5.3 |