Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Eclipse Foundation — Vulnerabilities & Security Advisories 91

Browse all 91 CVE security advisories affecting Eclipse Foundation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Eclipse Foundation:ThreadXNetX DuoEclipse GlassfishJettyMosquittoEclipse JettyUSBXEclipse OMROpenJ9NextX DuoVert.xParssonOpen J9Eclipse OpenMQGlassfishEclipse Theia - WebsiteEclipse ThreadX - USBXEclipse ThreadXEclipse Kura InstallerEclipse ThreadX - NetX DuoBlueChipaho.mqtt.golang (Go MQTT v3.1 library)JerseyEclipse IDEEclipse KUKSA - DatabrokerEclipse OpenJ9FileXEclipse JGitJakarta MailEclipse Open VSX Registry
CVE IDTitleCVSSSeverityPublished
CVE-2025-55089 Eclipse ThreadX FileX RAM disk driver buffer overflow — FileXCWE-119 9.1AICriticalAI2025-10-16
CVE-2025-55084 Out of bound read in _nx_secure_tls_proc_clienthello_supported_versions_extension() — NetX DuoCWE-126 8.8AIHighAI2025-10-16
CVE-2025-55083 Broken bounds check in Broken bounds check in _nx_secure_tls_process_clienthello_psk_extension() — NetX DuoCWE-126 5.3AIMediumAI2025-10-15
CVE-2025-55082 Potential out of bound read and info leak in_nx_secure_tls_psk_identity_find() — NetX DuoCWE-125 8.2AIHighAI2025-10-15
CVE-2025-55081 Potential out of bound read in _nx_secure_tls_process_clienthello() — NetX DuoCWE-126 8.2AIHighAI2025-10-15
CVE-2025-55080 Improper Parameter Check in ThreadX Syscall Implementation — ThreadXCWE-233 9.1AICriticalAI2025-10-15
CVE-2025-55079 Missing check for thread priority — ThreadXCWE-770 7.5AIHighAI2025-10-15
CVE-2025-55078 Incomplete validation of kernel object pointers in system calls — ThreadXCWE-233 7.5AIHighAI2025-10-14
CVE-2025-7962 Eclipse Jakarta Mail 安全漏洞 — Jakarta MailCWE-147 7.5 -2025-07-21
CVE-2024-9408 Eclipse GlassFish 代码问题漏洞 — Eclipse GlassfishCWE-918 9.8 -2025-07-16
CVE-2024-10032 Eclipse GlassFish 跨站脚本漏洞 — Eclipse GlassfishCWE-79 4.8 -2025-07-16
CVE-2024-10031 Eclipse GlassFish 跨站脚本漏洞 — Eclipse GlassfishCWE-79 5.4 -2025-07-16
CVE-2024-10029 Eclipse GlassFish 跨站脚本漏洞 — Eclipse GlassfishCWE-79 6.1 -2025-07-16
CVE-2024-9343 Eclipse GlassFish 跨站脚本漏洞 — Eclipse GlassfishCWE-79 4.8 -2025-07-16
CVE-2024-9342 Eclipse GlassFish 安全漏洞 — Eclipse GlassfishCWE-307 9.8 -2025-07-16
CVE-2025-6705 Eclipse Open VSX 安全漏洞 — Eclipse Open VSX RegistryCWE-913 9.8AICriticalAI2025-06-27
CVE-2025-4447 Buffer Overflow in Eclipse OpenJ9 — OpenJ9CWE-121 9.8AICriticalAI2025-05-09
CVE-2025-1948 Eclipse Jetty HTTP clients can increase memory allocation — JettyCWE-400 7.5 High2025-05-08
CVE-2024-13009 Eclipse Jetty GZIP buffer release — JettyCWE-404 7.2 High2025-05-08
CVE-2025-2259 Eclipse ThreadX NetX Duo component HTTP server single PUT request integer underflow — ThreadXCWE-191 7.5AIHighAI2025-04-06
CVE-2025-2260 Eclipse ThreadX NetX Duo HTTP component server denial of service — ThreadXCWE-459 7.5AIHighAI2025-04-06
CVE-2025-2258 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow — ThreadXCWE-191 7.5AIHighAI2025-04-06
CVE-2024-10838 Integer Underflow in DDS_Security_Deserialize_ methods may lead to OOB read — Eclipse Cyclone DDSCWE-191 9.1 -2025-03-12
CVE-2025-1471 Eclipse OMR: Buffer overflow vulnerability — Eclipse OMRCWE-787 9.8 -2025-02-21
CVE-2025-1470 Eclipse OMR: Null pointer dereference vulnerability — Eclipse OMRCWE-476 7.5 -2025-02-21
CVE-2025-0727 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow — ThreadXCWE-191 7.5 -2025-02-21
CVE-2025-0728 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow — ThreadXCWE-191 7.5 -2025-02-21
CVE-2025-0726 Eclipse ThreadX NetX Duo HTTP server denial of service — ThreadXCWE-459 7.5 -2025-02-21
CVE-2025-1007 Improper Authorization in /user/namespace/{namespace}/details — OpenVSXCWE-285 4.3 -2025-02-19
CVE-2024-10917 Eclipse OpenJ9 might return an incorrect value in JNI function GetStringUTFLength — Open J9CWE-190 3.7 Low2024-11-11

This page lists every published CVE security advisory associated with Eclipse Foundation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.