How severe is CVE-2020-27218?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.8 out of 10.

What type of vulnerability is CVE-2020-27218?

This is classified as CWE-226, which is a common weakness in software security.

CVE-2020-27218

MEDIUM Year: 2020

CVSS v3 Score

4.8

Medium

CVSS v2 Score

5.8

Medium

Weakness Type

CWE-226

View all →

Vulnerability Description

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.

CVE-2023-1637

MEDIUM

CVSS:5.5(Medium)

A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CP...

CWE-2262023

CVE-2023-3006

MEDIUM

CVSS:5.5(Medium)

A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malici...

CWE-2262023

CVE-2025-48066

MEDIUM

CVSS:5.5(Medium)

wire-webapp is the web application for the open-source messaging service Wire. A bug fix caused a regression causing an issue with function to delete local data. Instructing the client to delete its l...

CWE-2262025

CVE-2024-7883

LOW

CVSS:3.7(Low)

When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function call is made that returns ...

CWE-2262024

CVE-2024-21850

HIGH

CVSS:6.0(Medium)

Sensitive information in resource not removed before reuse in some Intel(R) TDX Seamldr module software before version 1.5.02.00 may allow a privileged user to potentially enable escalation of privile...

CWE-2262024

CVE-2024-32036

MEDIUM

CVSS:6.5(Medium)

ImageSharp is a 2D graphics API. A data leakage flaw was found in ImageSharp's JPEG and TGA decoders. This vulnerability is triggered when an attacker passes a specially crafted JPEG or TGA image file...

CWE-2262024

CVE-2020-27218

Vulnerability Description

Related Vulnerabilities

CVE-2023-1637

CVE-2023-3006

CVE-2025-48066

CVE-2024-7883

CVE-2024-21850

CVE-2024-32036