Showing 1 - 7 of 7

CVE-2020-27218

Status Candidate

Overview

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.

Related Files

Red Hat Security Advisory 2022-1029-01: Posted Mar 23, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1029-01 - A micro version update is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include cross site scripting, denial of service, information leakage, and server-side request forgery vulnerabilities.; tags | advisory, denial of service, vulnerability, xss; systems | linux, redhat; advisories | CVE-2020-15522, CVE-2020-27218, CVE-2020-8908, CVE-2021-20293, CVE-2021-21349, CVE-2021-26291, CVE-2021-28168, CVE-2021-28170, CVE-2021-33813, CVE-2021-3690, CVE-2022-24407; SHA-256 | e1a2e4b551ccd5d032fc05c0712cca1e96b04eea7c46e8e7109f20f450bbd890; Download | Favorite | View

Red Hat Security Advisory 2021-5134-05: Posted Dec 15, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-5134-05 - This release of Red Hat Fuse 7.10.0 serves as a replacement for Red Hat Fuse 7.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, information leakage, memory leak, privilege escalation, server-side request forgery, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss, memory leak; systems | linux, redhat; advisories | CVE-2019-10744, CVE-2019-12415, CVE-2020-11987, CVE-2020-11988, CVE-2020-13943, CVE-2020-13949, CVE-2020-15522, CVE-2020-17521, CVE-2020-17527, CVE-2020-26217, CVE-2020-26259, CVE-2020-27218, CVE-2020-27223, CVE-2020-27782, CVE-2020-28491, CVE-2020-2875, CVE-2020-2934, CVE-2020-35510, CVE-2020-9488, CVE-2021-20218, CVE-2021-21290, CVE-2021-21295, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344; SHA-256 | 9284d27525337878d1b616a42ec6964f345739a90a655ed05cfae5b196bdeacd; Download | Favorite | View

Red Hat Security Advisory 2021-4767-01: Posted Nov 23, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4767-01 - This release of Red Hat Integration - Camel Extensions for Quarkus - 2.2 GA serves as a replacement for tech-preview 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, code execution, denial of service, deserialization, information leakage, resource exhaustion, and server-side request forgery vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2020-13936, CVE-2020-14326, CVE-2020-26217, CVE-2020-26258, CVE-2020-26259, CVE-2020-27218, CVE-2020-27223, CVE-2020-28052, CVE-2020-28491, CVE-2021-20289, CVE-2021-20328, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351, CVE-2021-27568, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165; SHA-256 | 9dff15e298c722ad84d5f39cb4d850c04124d91986161bb1afd605f4e69d1c9d; Download | Favorite | View

Red Hat Security Advisory 2021-2431-01: Posted Jul 2, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-2431-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.41. Issues addressed include XML injection, cross site request forgery, and denial of service vulnerabilities.; tags | advisory, denial of service, vulnerability, csrf; systems | linux, redhat; advisories | CVE-2020-27216, CVE-2020-27218, CVE-2020-27223, CVE-2021-21642, CVE-2021-21643, CVE-2021-21644, CVE-2021-21645; SHA-256 | 8320ca0fbf52a821c1d861f06d563f78252ebe92f38a8903490a83a5c335a58f; Download | Favorite | View

Red Hat Security Advisory 2021-2517-01: Posted Jul 1, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-2517-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.462. Issues addressed include XML injection, cross site request forgery, and denial of service vulnerabilities.; tags | advisory, denial of service, vulnerability, csrf; systems | linux, redhat; advisories | CVE-2020-27216, CVE-2020-27218, CVE-2020-27223, CVE-2021-21642, CVE-2021-21643, CVE-2021-21644, CVE-2021-21645; SHA-256 | f0cc7cc7453112310b6e9a4cfd6847dd90f4a89758cd89cba7b0719660010c0b; Download | Favorite | View

Red Hat Security Advisory 2021-2499-01: Posted Jun 29, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-2499-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.36. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2020-27216, CVE-2020-27218, CVE-2020-27223; SHA-256 | fc33e3ccc5d69dcd993e15c937230658440ccc17e77d1efce3da137b504799bc; Download | Favorite | View

Red Hat Security Advisory 2021-0417-01: Posted Feb 4, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0417-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.1 serves as a replacement for Red Hat AMQ Broker 7.8.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an information leakage vulnerability.; tags | advisory, protocol; systems | linux, redhat; advisories | CVE-2020-27218, CVE-2020-8908; SHA-256 | a71da10bd083e91134d21c889e12eb934ff251dde41fa603b40883544ff19f68; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 240 files
Ubuntu 62 files
Debian 22 files
Apple 14 files
LiquidWorm 12 files
Gentoo 8 files
Google Security Research 4 files
Andrey Stoykov 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,169)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,011)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,372)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,008)
UNIX (9,481)
UnixWare (188)
Windows (6,785)
Other

CVE-2020-27218

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems