Fallos del tipo CWE-551
10 resultadosCVE-2021-34429MEDIUMFor Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the conEPSS 99.3%CVE-2021-28164MEDIUMIn Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segmEPSS 82.4%CVE-2021-28165HIGHIn Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invaEPSS 53.9%CVE-2023-23924CRITICALURI validation failure on SVG parsing in DompdfEPSS 3.6%CVE-2021-32777HIGHIncorrect concatenation of multiple value request headers in ext-authz extensionEPSS 3.3%CVE-2021-31384HIGHJunos OS: SRX Series: Under a specific device configuration an attacker can access the devices J-Web management services from any interface, regardless of security settings protecting the serviceEPSS 1.1%CVE-2021-32779HIGHIncorrectly handling of URI '#fragment' element as part of the path elementEPSS 0.9%CVE-2016-20030CRITICALZKTeco ZKBioSecurity 3.0 User Enumeration via authLoginActionEPSS 0.6%CVE-2026-0707MEDIUMKeycloak: keycloak authorization header parsing leading to potential security control bypassEPSS 0.4%CVE-2026-4636HIGHKeycloak: keycloak: uma policy bypass allows authenticated users to gain unauthorized access to victim-owned resources.EPSS 0.3%