VYPR

apk package

chainguard/apache-hop

pkg:apk/chainguard/apache-hop

Vulnerabilities (64)

  • CVE-2024-8184Oct 14, 2024
    affected < 2.16.0-r0fixed 2.16.0-r0

    There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's

  • CVE-2024-9823Oct 14, 2024
    affected < 2.15.0-r2fixed 2.15.0-r2

    There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack on the server using DosFilter. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the s

  • CVE-2023-36479Sep 15, 2023
    affected < 2.15.0-r2fixed 2.15.0-r2

    Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a spac

  • CVE-2021-34429Jul 15, 2021
    affected < 2.16.0-r0fixed 2.16.0-r0

    For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/G

Page 4 of 4