Showing 1 - 3 of 3

CVE-2021-28168

Status Candidate

Overview

Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFile which creates a file inside of the system temporary directory with the permissions: -rw-r--r--. Thus the contents of this file are viewable by all other users locally on the system. As such, if the contents written is security sensitive, it can be disclosed to other local users.

Related Files

Red Hat Security Advisory 2022-1029-01: Posted Mar 23, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1029-01 - A micro version update is now available for Red Hat Camel K that includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include cross site scripting, denial of service, information leakage, and server-side request forgery vulnerabilities.; tags | advisory, denial of service, vulnerability, xss; systems | linux, redhat; advisories | CVE-2020-15522, CVE-2020-27218, CVE-2020-8908, CVE-2021-20293, CVE-2021-21349, CVE-2021-26291, CVE-2021-28168, CVE-2021-28170, CVE-2021-33813, CVE-2021-3690, CVE-2022-24407; SHA-256 | e1a2e4b551ccd5d032fc05c0712cca1e96b04eea7c46e8e7109f20f450bbd890; Download | Favorite | View

Red Hat Security Advisory 2022-1013-01: Posted Mar 23, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1013-01 - Red Hat Integration - Camel Extensions for Quarkus 2.2.1 serves as a replacement for 2.2 and includes security fixes. Issues addressed include code execution, denial of service, deserialization, information leakage, and memory leak vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, memory leak; systems | linux, redhat; advisories | CVE-2020-15522, CVE-2020-8908, CVE-2021-22569, CVE-2021-2471, CVE-2021-26291, CVE-2021-28168, CVE-2021-28170, CVE-2021-30129, CVE-2021-37136, CVE-2021-37137, CVE-2021-40690, CVE-2021-41269, CVE-2021-4178, CVE-2021-42392; SHA-256 | d5cfb7d93bd17d4a300c3574ceea4314e4c04e0e4b82484593f5c02a870e2682; Download | Favorite | View

Red Hat Security Advisory 2021-3225-01: Posted Aug 31, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3225-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.8.0 serves as a replacement for Red Hat AMQ Streams 1.7.0, and includes security and bug fixes, and enhancements. Issues addressed include information leakage, resource exhaustion, and traversal vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2017-18640, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-27568, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-28168, CVE-2021-28169, CVE-2021-29425, CVE-2021-34428; SHA-256 | f799cc6edbac4d0b98864f1662ed210d6e06f745c7ff0e79f347ad596baa1447; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 105 files
Ubuntu 56 files
malvuln 9 files
Julien Ahrens 8 files
Google Security Research 7 files
Apple 7 files
Gentoo 6 files
saitamang 6 files
CraCkEr 5 files
nu11secur1ty 5 files

File Archives

Systems

AIX (426)
Apple (1,890)
BSD (368)
CentOS (55)
Cisco (1,913)
Debian (5,948)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,158)
HPUX (878)
iOS (319)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (42,575)
Mac OS X (683)
Mandriva (3,105)
NetBSD (255)
OpenBSD (478)
RedHat (11,819)
Slackware (941)
Solaris (1,607)
SUSE (1,444)
Ubuntu (7,925)
UNIX (9,097)
UnixWare (185)
Windows (6,441)
Other

CVE-2021-28168

Overview

Related Files

File Archive:

August 2022

Top Authors In Last 30 Days

File Tags

File Archives

Systems