Skip to main content
Create account
Log in
Download
Members
Working Groups
Projects
Community
Marketplace
Events
Planet Eclipse
Newsletter
Videos
Blogs
Participate
Report a Bug
Forums
Mailing Lists
Wiki
IRC
Eclipse IDE
Download
Documentation
Getting Started / Support
How to Contribute
IDE and Tools
Newcomer Forum
More
Community
Marketplace
Events
Planet Eclipse
Newsletter
Videos
Blogs
Participate
Report a Bug
Forums
Mailing Lists
Wiki
IRC
Eclipse IDE
Download
Documentation
Getting Started / Support
How to Contribute
IDE and Tools
Newcomer Forum
Toggle navigation
Breadcrumbs
Home
Security
Known Eclipse Security Vulnerabilit...
Known Eclipse Security Vulnerabilities
317055
Platform: [Webapp][Security] URLEncode url requests from local users (3.6.1)
319344
Platform: [Webapp][Security] Phishing on help application (3.6.1)
320547
Platform: [Webapp][Security] Misuse of /topic/file (3.6.1)
320548
Platform: [Webapp][Security] Ability to read files not in bundles (3.6.1)
320967
Platform: [Test][Security] Tests for security related bugs (3.7 M6)
325902
Equinox: [launcher] Windows LoadLibrary search cwd DLL exploit (3.6.2)
328795
Equinox: [Webapp] Possible security issue with JSP code exposure. (3.7 M4)
328975
Equinox: [Webapp] Possible security issue with JSP code exposure. (3.6.2)
329193
Equinox: [Webapp] Possible security issue with JSP code exposure. (3.6.2)
329582
Platform: [Webapp][Security] Eclipse Help Server XSS (3.7 M4)
330026
Platform: [Webapp][Security] Fix for Eclipse 3.6.2 Eclipse Help Server XSS (3.6.2)
333959
Virgo: cross-site scripting vulnerability (3.0.0.RELEASE)
336767
BIRT: Security Issue in BIRT Viewer (2.6.2)
361316
Jetty: DoS attack from similar hash values (7.5.x)
367533
Community: Reset Password allows to hijack accounts for SSH access (and other options) (---)
367638
Jetty: Denial of Service attack ocert-2011-003 / CVE-2011-4461 (7.5.x)
378977
Equinox: [Webapp] Possible security issue with JSP code exposure. - backport to 3.5.2+ (3.5.2+)
378979
Equinox: [Webapp] Possible security issue with JSP code exposure. backport for 3.4.2+ (3.4.2+)
390491
Equinox: [Webapp] Possible security issue with JSP code exposure. (3.4.2+)
395246
Gemini.Web: Access to forbidden directories can be granted (2.2.0.M03)
421097
Community: Open redirect (---)
421700
Community: Reflected XSS - https://dev.eclipse.org/portal/myfoundation/tests/explore.php (---)
421726
Community: [Security] SQL injection in http://www.eclipse.org/membership/scripts/get_image.php (---)
421759
Community: [security] SQL injection in [http://eclipse.org/membership/showMember.php] By Shahmeer Amir and Rafay Baloch (---)
421875
Community: Vulnerabilities on http://www.eclipse.org/ (---)
424827
Community: Potential XSS vulnerability on /downloads page. (---)
427830
Community: XSS vulnerability on www.eclipse.org (---)
428032
Community: Multiple XSS on site_login (---)
429494
Community: https://bugs.eclipse.org/bugs/ is vulnerable to CVE-2009-3555 (---)
435095
Data Tools: HIPP jobs are SSHing to build.eclipse.org and storing passwords in config files (---)
438006
ECF: [XMPP] Update to Smack 4 (---)
438901
Platform: Style PASSWORD | READ_ONLY without BORDER displays plain text password (4.4.1)
443883
Community: [site_login] Password change should invalidate all active sessions (---)
463809
EMFStore: [Security] addInitialParticipant remote method allows privilege escalation (1.4.3)
474575
Community: The website may allow automated account creation. (---)
513268
Community: Open Redirection vulnerability in wiki.eclipse.org (---)
516765
Community: CVE-2017-7650: Eclipse Mosquitto ACL security issue (---)
529754
Community: Mosquitto Server Shutdown Attack (---)
530102
Community: Reloading Mosquitto configuration may fail if no file descriptors are available (---)
530629
Community: Security vulnerability found in OpenJ9 project (---)
Back to the top
