Maven package
io.vertx/vertx-web
pkg:maven/io.vertx/vertx-web
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-11965 | — | | | < 4.5.22 | 4.5.22 | Oct 22, 2025 | In Eclipse Vert.x versions [4.0.0, 4.5.21] and [5.0.0, 5.0.4], a StaticHandler configuration for restricting access to hidden files fails to restrict access to hidden directories, allowing unauthorized users to retrieve files within them (e.g. '.git/config'). |
| CVE-2025-11966 | — | | | < 4.5.22 | 4.5.22 | Oct 22, 2025 | In Eclipse Vert.x versions [4.0.0, 4.5.21] and [5.0.0, 5.0.4], when "directory listing" is enabled, file and directory names are inserted into generated HTML without proper escaping in the href, title, and link attributes. An attacker who can create or rename files or directories |
| CVE-2023-24815 | — | | | >= 4.0.0, < 4.3.8 | 4.3.8 | Feb 9, 2023 | Vert.x-Web is a set of building blocks for building web applications in the Java programming language. When running Vert.x web applications that serve files using `StaticHandler` on Windows Operating Systems and Windows File Systems, if the mount point is a wildcard (`*`) then an |
| CVE-2020-35217 | — | | | >= 4.0.0-milestone1, < 4.0.0-milestone5 | 4.0.0-milestone5 | Jan 20, 2021 | Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSRF verification. Instead of comparing the CSRF token in the request with the CSRF token in the cookie, it compares the CSRF token in the cookie against a CSRF token that is stored in the session. An attacker doe |
| CVE-2019-17640 | — | | | >= 3.0.0, < 3.9.4 | 3.9.4 | Oct 15, 2020 | In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 4.0.0.milestone2, 4.0.0.milestone3, 4.0.0.milestone4, 4.0.0.milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler doesn't correctly process back slashes on Windows Operating Systems, allowing, escape the webr |
| CVE-2018-12542 | — | | | >= 3.0.0, < 3.5.4 | 3.5.4 | Oct 10, 2018 | In versions 3.0.0 to 3.5.3 of Eclipse Vert.x, the StaticHandler uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '\' (forward slashes) sequences that can resolve to a location that is outside of that |
| CVE-2018-12540 | High | 8.8 | | >= 3.0.0, < 3.5.3 | 3.5.3 | Jul 12, 2018 | In versions 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler does not assert that the XSRF cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet. |