CVE-2015-2080

Опубликовано: 07 окт. 2016

Источник: ubuntu

Приоритет: medium

EPSS Критический

CVSS2: 5

CVSS3: 7.5

Описание

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.

Релиз	Статус	Примечание
devel	not-affected	< 9.x
esm-infra-legacy/trusty	not-affected	< 9.x
lucid	not-affected	< 9.x
precise	not-affected	< 9.x
trusty	not-affected	< 9.x
trusty/esm	not-affected	< 9.x
upstream	needs-triage
utopic	not-affected	< 9.x

Показывать по

Релиз	Статус	Примечание
devel	not-affected	< 9.x
esm-infra-legacy/trusty	not-affected	< 9.x
lucid	DNE
precise	DNE
trusty	not-affected	< 9.x
trusty/esm	not-affected	< 9.x
upstream	needs-triage
utopic	not-affected	< 9.x

Показывать по

Ссылки на источники

EPSS

Процентиль: 100%

0.92414

Критический

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2015-2080

redhat

почти 11 лет назад

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.

CVE-2015-2080

CVSS3: 7.5

nvd

больше 9 лет назад

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.

CVE-2015-2080

CVSS3: 7.5

debian

больше 9 лет назад

The exception handling code in Eclipse Jetty before 9.2.9.v20150224 al ...

GHSA-ghgj-3xqr-6jfm

CVSS3: 7.5

github

около 7 лет назад

Jetty vulnerable to exposure of sensitive information to unauthenticated remote users

EPSS

Процентиль: 100%

0.92414

Критический

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2015-2080

Описание

Пакет jetty

Пакет jetty8

Ссылки на источники

Связанные уязвимости