CGA-qhh8-pqqr-j7px

Published

Last updated

https://images.chainguard.dev/security/CGA-qhh8-pqqr-j7px

Package

hadoop-fips-3.3.6

Repository

Chainguard

Latest Update

Fix not planned

Aliases

CVE-2019-10246
GHSA-r28m-g6j9-r2h5

Severity

Unknown

Summary

Information Exposure vulnerability in Eclipse Jetty

Description

In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories.

References

https://nvd.nist.gov/vuln/detail/CVE-2019-10246
https://github.com/advisories/GHSA-r28m-g6j9-r2h5
https://bugs.eclipse.org/bugs/show_bug.cgi?id=546576
https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
https://security.netapp.com/advisory/ntap-20190509-0003
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CGA-qhh8-pqqr-j7px

Severity

Summary

Description

References

Updates

Products

Why Chainguard

Customers

Company

Resources