exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2021-34428

больше 4 лет назад

For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in.

CVSS3: 2.9

EPSS: Низкий

CVE-2021-34428

больше 4 лет назад

For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in.

CVSS3: 3.5

EPSS: Низкий

CVE-2021-34428

больше 4 лет назад

For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in.

CVSS3: 2.9

EPSS: Низкий

CVE-2021-34428

больше 4 лет назад

For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exce ...

CVSS3: 2.9

EPSS: Низкий

GHSA-m6cp-vxjx-65j6

больше 4 лет назад

SessionListener can prevent a session from being invalidated breaking logout

CVSS3: 3.5

EPSS: Низкий

BDU:2021-03243

больше 4 лет назад

Уязвимость метода SessionListener#sessionDestroyed() контейнера сервлетов Eclipse Jetty, позволяющая нарушителю повысить свои привилегии

CVSS3: 2.9

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-34428 For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in.	CVSS3: 2.9	1% Низкий	больше 4 лет назад
CVE-2021-34428 For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in.	CVSS3: 3.5	1% Низкий	больше 4 лет назад
CVE-2021-34428 For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in.	CVSS3: 2.9	1% Низкий	больше 4 лет назад
CVE-2021-34428 For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exce ...	CVSS3: 2.9	1% Низкий	больше 4 лет назад
GHSA-m6cp-vxjx-65j6 SessionListener can prevent a session from being invalidated breaking logout	CVSS3: 3.5	1% Низкий	больше 4 лет назад
BDU:2021-03243 Уязвимость метода SessionListener#sessionDestroyed() контейнера сервлетов Eclipse Jetty, позволяющая нарушителю повысить свои привилегии	CVSS3: 2.9	1% Низкий	больше 4 лет назад

Уязвимостей на страницу