Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-2080

Опубликовано: 07 окт. 2016
Источник: debian

Описание

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
jettynot-affectedpackage
jetty8not-affectedpackage

Примечания

  • http://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00074.html

  • https://github.com/eclipse/jetty.project/blob/master/advisories/2015-02-24-httpparser-error-buffer-bleed.md

  • http://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html

Связанные уязвимости

ubuntu логотип

CVE-2015-2080

CVSS3: 7.5
ubuntu
больше 9 лет назад

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.

redhat логотип

CVE-2015-2080

redhat
почти 11 лет назад

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.

nvd логотип

CVE-2015-2080

CVSS3: 7.5
nvd
больше 9 лет назад

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.

github логотип

GHSA-ghgj-3xqr-6jfm

CVSS3: 7.5
github
около 7 лет назад

Jetty vulnerable to exposure of sensitive information to unauthenticated remote users