Vulnerabilities (CVE)

Filtered by vendor Eclipse Subscribe
Total 162 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-35217 1 Eclipse 1 Vert.x-web 2023-12-10 6.8 MEDIUM 8.8 HIGH
Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSRF verification. Instead of comparing the CSRF token in the request with the CSRF token in the cookie, it compares the CSRF token in the cookie against a CSRF token that is stored in the session. An attacker does not even need to provide a CSRF token in the request because the framework does not consider it. The cookies are automatically sent by the browser and the verification will always succeed, leading to a successful CSRF attack.
CVE-2021-28162 1 Eclipse 1 Theia 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.
CVE-2020-27219 1 Eclipse 1 Hawkbit 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non existing resource will return the full path from the given URL unescaped to the client.
CVE-2021-28161 1 Eclipse 1 Theia 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
In Eclipse Theia versions up to and including 1.8.0, in the debug console there is no HTML escaping, so arbitrary Javascript code can be injected.
CVE-2020-27221 1 Eclipse 1 Openj9 2023-12-10 7.5 HIGH 9.8 CRITICAL
In Eclipse OpenJ9 up to and including version 0.23, there is potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding.
CVE-2020-27224 1 Eclipse 1 Theia 2023-12-10 9.3 HIGH 9.6 CRITICAL
In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code.
CVE-2019-17639 1 Eclipse 1 Openj9 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This allows whatever value happens to be in the return register at that time to be used as if it matches the method's declared return type.
CVE-2019-17638 1 Eclipse 1 Jetty 2023-12-10 7.5 HIGH 9.4 CRITICAL
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this double release, two threads can acquire the same ByteBuffer from the pool and while thread1 is about to use the ByteBuffer to write response1 data, thread2 fills the ByteBuffer with other data. Thread1 then proceeds to write the buffer that now contains different data. This results in client1, which issued request1 seeing data from another request or response which could contain sensitive data belonging to client2 (HTTP session ids, authentication credentials, etc.). If the Jetty version cannot be upgraded, the vulnerability can be significantly reduced by configuring a responseHeaderSize significantly larger than the requestHeaderSize (12KB responseHeaderSize and 8KB requestHeaderSize).
CVE-2019-17637 2 Debian, Eclipse 2 Debian Linux, Web Tools Platform 2023-12-10 5.8 MEDIUM 7.1 HIGH
In all versions of Eclipse Web Tools Platform through release 3.18 (2020-06), XML and DTD files referring to external entities could be exploited to send the contents of local files to a remote server when edited or validated, even when external entity resolution is disabled in the user preferences.
CVE-2020-10689 1 Eclipse 1 Che 2023-12-10 4.9 MEDIUM 6.8 MEDIUM
A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.
CVE-2014-9390 6 Apple, Eclipse, Git-scm and 3 more 8 Mac Os X, Xcode, Egit and 5 more 2023-12-10 7.5 HIGH 9.8 CRITICAL
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before 08-12-2014; and JGit all versions before 08-12-2014 allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2) a git~1/config representation, or (3) mixed case that is improperly handled on a case-insensitive filesystem.
CVE-2019-17636 1 Eclipse 1 Theia 2023-12-10 5.8 MEDIUM 8.1 HIGH
In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs, exposes a HTTP endpoint that allows to read the content of files on the host's filesystem, given their path, without restrictions on the requester's origin. This design is vulnerable to being exploited remotely through a DNS rebinding attack or a drive-by download of a carefully crafted exploit.
CVE-2019-17091 2 Eclipse, Oracle 23 Mojarra, Application Testing Suite, Banking Enterprise Product Manufacturing and 20 more 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.
CVE-2019-17634 1 Eclipse 1 Memory Analyzer 2023-12-10 8.5 HIGH 9.0 CRITICAL
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting (XSS) vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump could be specially crafted, or could come from a crafted application or from an application processing malicious data. The vulnerability is present whena report is generated and opened from the Memory Analyzer graphical user interface, or when a report generated in batch mode is then opened in Memory Analyzer or by a web browser. The vulnerability could possibly allow code execution on the local system whenthe report is opened in Memory Analyzer.
CVE-2009-5046 2 Debian, Eclipse 2 Debian Linux, Jetty 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
JSP Dump and Session Dump Servlet XSS in jetty before 6.1.22.
CVE-2009-5045 2 Debian, Eclipse 2 Debian Linux, Jetty 2023-12-10 5.0 MEDIUM 7.5 HIGH
Dump Servlet information leak in jetty before 6.1.22.
CVE-2019-17631 2 Eclipse, Redhat 7 Openj9, Enterprise Linux, Enterprise Linux Desktop and 4 more 2023-12-10 6.4 MEDIUM 9.1 CRITICAL
From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such as causing a GC or creating a diagnostic file are permitted without any privilege checks.
CVE-2019-17635 1 Eclipse 1 Memory Analyzer 2023-12-10 6.8 MEDIUM 7.8 HIGH
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must chose to reopen an already parsed heap dump with an untrusted index for the problem to occur. The problem can be averted if the index files from an untrusted source are deleted and the heap dump is opened and reparsed. Also some local configuration data is subject to a deserialization vulnerability if the local data were to be replaced with a malicious version. This can be averted if the local configuration data stored on the file system cannot be changed by an attacker. The vulnerability could possibly allow code execution on the local system.
CVE-2019-17633 1 Eclipse 1 Che 2023-12-10 6.8 MEDIUM 8.8 HIGH
For Eclipse Che versions 6.16 to 7.3.0, with both authentication and TLS disabled, visiting a malicious web site could trigger the start of an arbitrary Che workspace. Che with no authentication and no TLS is not usually deployed on a public network but is often used for local installations (e.g. on personal laptops). In that case, even if the Che API is not exposed externally, some javascript running in the local browser is able to send requests to it.
CVE-2019-18213 3 Eclipse, Theia Xml Extension Project, Xml Language Server Project 3 Wild Web Developer, Theia Xml Extension, Xml Server Project 2023-12-10 6.5 MEDIUM 8.8 HIGH
XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiation that can lead to NetNTLM challenge/response capture for password cracking). This occurs in extensions/contentmodel/participants/diagnostics/LSPXMLParserConfiguration.java.