Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

The Eclipse Foundation — Vulnerabilities & Security Advisories 101

Browse all 101 CVE security advisories affecting The Eclipse Foundation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

The Eclipse Foundation operates as a non-profit organization managing open-source software projects, primarily serving developers through widely adopted frameworks like Eclipse IDE, Jakarta EE, and OSGi. Its core business involves stewarding these technologies, which are integral to enterprise Java development and IoT ecosystems. Historically, vulnerabilities within its ecosystem have frequently involved remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from complex plugin architectures or legacy codebases. While the Foundation itself does not develop all software, its projects have faced notable security incidents, including critical flaws in Eclipse IDE components that allowed unauthorized access or system compromise. With 101 CVEs currently on record, the organization emphasizes community-driven security reviews and transparent disclosure processes to mitigate risks. These efforts aim to maintain trust among millions of users who rely on its tools for mission-critical applications, ensuring that security patches are distributed promptly to address identified weaknesses in its extensive portfolio of open-source solutions.

Top products by The Eclipse Foundation: Eclipse Jetty Eclipse Mosquitto Eclipse OpenJ9 Eclipse Vert.x Eclipse Theia Eclipse Californium Eclipse Kura Eclipse OMR Eclipse BIRT Eclipse Hono Eclipse Memory Analyzer Eclipse Che Eclipse hawkBit Eclipse Lyo Eclipse BIRT (Business Intelligence Reporting Tool) Eclipse GlassFish @theia/plugin-ext Eclipse Sphinx Eclipse Equinox p2 Eclipse Paho MQTT C Client Eclipse Equinox Eclipse TinyDTLS Jakarta Expression Language Implementation Eclipse Jersey Eclipse Platform Eclipse Web Tools Platform Eclipse Paho Eclipse Buildship Eclipse Xtext Eclipse Vorto
CVE IDTitleCVSSSeverityPublished
CVE-2021-28167 Eclipse OpenJ9 安全漏洞 — Eclipse OpenJ9CWE-909 5.3 -2021-04-21
CVE-2021-28166 Eclipse Mosquitto 代码问题漏洞 — Eclipse MosquittoCWE-476 6.5 Medium2021-04-07
CVE-2021-28164 Eclipse Jetty 安全漏洞 — Eclipse JettyCWE-200 5.3 Medium2021-04-01
CVE-2021-28165 Eclipse Jetty 资源管理错误漏洞 — Eclipse JettyCWE-400 7.5 High2021-04-01
CVE-2021-28163 Eclipse Jetty 后置链接漏洞 — Eclipse JettyCWE-200 2.7 Low2021-04-01
CVE-2021-28162 Eclipse Theia 注入漏洞 — Eclipse TheiaCWE-830 6.1 -2021-03-12
CVE-2021-28161 Eclipse Theia 跨站脚本漏洞 — Eclipse TheiaCWE-79 6.1 -2021-03-12
CVE-2020-27225 Eclipse Platform 访问控制错误漏洞 — Eclipse PlatformCWE-306 7.8 -2021-03-09
CVE-2020-27223 Eclipse Jetty 资源管理错误漏洞 — Eclipse JettyCWE-407 5.2 Medium2021-02-26
CVE-2020-27224 Eclipse Theia 跨站脚本漏洞 — Eclipse TheiaCWE-79 8.8 -2021-02-24
CVE-2020-27222 Eclipse Californium 安全漏洞 — Eclipse CaliforniumCWE-372 7.5 -2021-02-03
CVE-2020-27221 Eclipse OpenJ9 缓冲区错误漏洞 — Eclipse OpenJ9CWE-121 9.8 -2021-01-21
CVE-2020-27220 Eclipse Hono 安全漏洞 — Eclipse HonoCWE-862 8.8 -2021-01-14
CVE-2020-27219 Eclipse hawkBit 跨站脚本漏洞 — Eclipse HawkbitCWE-79 7.2 -2021-01-14
CVE-2020-27218 Eclipse Jetty 安全漏洞 — Eclipse JettyCWE-226 4.8 -2020-11-28
CVE-2020-27217 Eclipse Hono 安全漏洞 — Eclipse HonoCWE-1284 6.5 -2020-11-13
CVE-2020-27216 Eclipse Jetty 安全漏洞 — Eclipse JettyCWE-378 5.8 -2020-10-23
CVE-2019-17640 Eclipse Vert.x 路径遍历漏洞 — Eclipse Vert.xCWE-23 9.8 -2020-10-15
CVE-2019-17639 Eclipse OpenJ9 安全漏洞 — Eclipse OpenJ9CWE-843 7.5 -2020-07-15
CVE-2019-17637 Eclipse Web Tools Platform 代码问题漏洞 — Eclipse Web Tools PlatformCWE-611 7.1 -2020-07-15
CVE-2019-17638 Eclipse Jetty 安全漏洞 — Eclipse JettyCWE-672 9.4 -2020-07-09
CVE-2019-17636 Eclipse Theia 数据伪造问题漏洞 — Eclipse TheiaCWE-345 9.1 -2020-03-10
CVE-2019-17634 Eclipse Memory Analyzer 跨站脚本漏洞 — Eclipse Memory AnalyzerCWE-79 5.4 -2020-01-17
CVE-2019-17635 Eclipse Memory Analyzer 代码问题漏洞 — Eclipse Memory AnalyzerCWE-502 7.8 -2020-01-17
CVE-2019-17633 Eclipse Che 跨站请求伪造漏洞 — Eclipse CheCWE-352 8.8 -2019-12-19
CVE-2019-17632 Eclipse Jetty 跨站脚本漏洞 — Eclipse JettyCWE-79 5.8 -2019-11-25
CVE-2019-17631 Eclipse OpenJ9 安全漏洞 — Eclipse OpenJ9CWE-285 9.8 -2019-10-17
CVE-2019-11779 Eclipse Mosquitto 代码问题漏洞 — Eclipse MosquittoCWE-754 8.1 -2019-09-19
CVE-2019-11778 Eclipse Mosquitto 资源管理错误漏洞 — Eclipse MosquittoCWE-416 9.1 -2019-09-18
CVE-2019-11773 Eclipse OMR 代码问题漏洞 — Eclipse OMRCWE-264 7.8 -2019-09-12

This page lists every published CVE security advisory associated with The Eclipse Foundation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.