CVE-2015-2080
Description
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
92.414
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2015-2080 are fixed in Eclipse-jetty-server 9.2.9 | Windows |
| Vulnerabilities CVE-2015-2080 are fixed in Eclipse-jetty-server for Linux 9.2.9 | Linux |
| Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2080) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234