Описание
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.
Отчет
This issue did not affect the versions of jetty as shipped with Red Hat Enterprise Linux 7, versions of openshift-origin-cartridge-fuse as shipped with Red Hat OpenShift Enterprise 2.1, and versions of nutch as shipped with Red Hat Satellite 5.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | jetty | Not affected | ||
| Red Hat OpenShift Enterprise 2 | openshift-origin-cartridge-fuse | Not affected | ||
| Red Hat Satellite 5 | nutch | Not affected |
Показывать по
Дополнительная информация
Статус:
5 Medium
CVSS2
Связанные уязвимости
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 al ...
Jetty vulnerable to exposure of sensitive information to unauthenticated remote users
5 Medium
CVSS2