Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:40230
HistoryApr 20, 2023 - 2:24 p.m.

Denial Of Service (DOS)

2023-04-2014:24:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20
org.eclipse.jetty
multipart file upload
httpservletrequest.getparameter
httpservletrequest.getparts
@multipartconfig
outofmemoryerror

EPSS

0.003

Percentile

68.8%

JSON

org.eclipse.jetty: jetty-server is vulnerable to Denial of Service. The vulnerability exists due to a lack of multipart file upload sanitization that affects HttpServletRequest.getParameter() or HttpServletRequest.getParts() methods annotated with @MultipartConfig, which allows an attacker to submit a multipart request with parts lacking a filename and a very large content size. This can throw an OutOfMemoryError, resulting in a Denial of Service.

Related

cve 1
redhatcve 1
githubexploit 1
ubuntucve 1
osv 5
ibm 31
nvd 1
github 1
debiancve 1
wolfi 1
prion 1
cgr 1
cvelist 1
nessus 11
openvas 4
redos 1
redhat 13
debian 2
oracle 2
cve
cve
CVE-2023-26048
2023-04-18 21:15:08
redhatcve
redhatcve
CVE-2023-26048
2023-08-31 01:30:14
githubexploit
githubexploit
Exploit for Allocation of Resources Without Limits or Throttling in Eclipse Jetty
2023-11-01 06:57:10
ubuntucve
ubuntucve
CVE-2023-26048
2023-04-18 00:00:00
osv
osv
CVE-2023-26048
2023-04-18 21:15:08
OutOfMemoryError for large multipart without filename in Eclipse Jetty
2023-04-19 18:15:45
CGA-q672-cgj3-7q4g
2024-06-06 12:28:58
ibm
ibm
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Eclipse Jetty (CVE-2023-26048)
2023-07-17 03:56:06
Security Bulletin: Vulnerability in jetty-server affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2023-26048]
2023-07-31 10:47:25
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Eclipse Jetty
2023-06-28 22:04:45
nvd
nvd
CVE-2023-26048
2023-04-18 21:15:08
github
github
OutOfMemoryError for large multipart without filename in Eclipse Jetty
2023-04-19 18:15:45
debiancve
debiancve
CVE-2023-26048
2023-04-18 21:15:08
wolfi
wolfi
CVE-2023-26048 vulnerabilities
2024-09-30 03:53:08
prion
prion
Design/Logic Flaw
2023-04-18 21:15:00
cgr
cgr
CVE-2023-26048 vulnerabilities
2024-05-19 03:07:16
cvelist
cvelist
CVE-2023-26048 OutOfMemoryError for large multipart without filename in Eclipse Jetty
2023-04-18 20:30:20
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : jetty-minimal (SUSE-SU-2023:2539-1)
2023-06-20 00:00:00
RHEL 9 : log4j (Unpatched Vulnerability)
2024-06-03 00:00:00
Debian DLA-3592-1 : jetty9 - LTS security update
2023-10-01 00:00:00
openvas
openvas
Eclipse Jetty Multiple Vulnerabilities (GHSA-qw69-rqj8-6qw8, GHSA-p26g-97m4-6q7c) - Linux
2023-04-21 00:00:00
Eclipse Jetty Multiple Vulnerabilities (GHSA-qw69-rqj8-6qw8, GHSA-p26g-97m4-6q7c) - Windows
2023-04-21 00:00:00
Debian: Security Advisory (DLA-3592-1)
2023-10-02 00:00:00
redos
redos
ROS-20240729-10
2024-07-29 00:00:00
redhat
redhat
(RHSA-2024:3385) Moderate: Red Hat JBoss EAP 7.4.14 XP 4.0.2.GA security release
2024-05-28 11:17:57
(RHSA-2023:7641) Important: Red Hat JBoss Enterprise Application Platform 7.4.14 security update
2023-12-04 18:00:34
(RHSA-2023:7637) Important: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 7 security update
2023-12-04 17:37:49
debian
debian
[SECURITY] [DLA 3592-1] jetty9 security update
2023-09-30 12:35:53
[SECURITY] [DSA 5507-1] jetty9 security update
2023-09-28 22:37:26
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00

EPSS

0.003

Percentile

68.8%

JSON
Related for VERACODE:40230
cve1redhatcve1githubexploit1ubuntucve1osv5ibm31nvd1github1debiancve1wolfi1prion1cgr1cvelist1nessus11openvas4redos1redhat13debian2oracle2