CVE-2019-10219
- EPSS 1.67%
- Veröffentlicht 08.11.2019 15:15:11
- Zuletzt bearbeitet 07.07.2025 14:15:21
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
CVE-2019-10246
- EPSS 1.7%
- Veröffentlicht 22.04.2019 20:29:00
- Zuletzt bearbeitet 21.11.2024 04:18:44
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory co...
CVE-2019-10247
- EPSS 6.59%
- Veröffentlicht 22.04.2019 20:29:00
- Zuletzt bearbeitet 21.11.2024 04:18:44
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 4...
CVE-2017-12617
- EPSS 94.37%
- Veröffentlicht 04.10.2017 01:29:02
- Zuletzt bearbeitet 20.04.2025 01:37:25
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload ...