Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD6AE7CEF2-A6AE-11DC-95E6-000C29C5647F
HistoryDec 05, 2007 - 12:00 a.m.

jetty -- multiple vulnerabilities

2007-12-0500:00:00
vuxml.freebsd.org
17

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.5%

JSON

Cross-site scripting (XSS) vulnerability in Dump Servlet in
Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject
arbitrary web script or HTML via unspecified parameters and
cookies.

Mortbay Jetty before 6.1.6rc1 does not properly handle “certain
quote sequences” in HTML cookie parameters, which allows remote
attackers to hijack browser sessions via unspecified vectors.

CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0
allows remote attackers to inject arbitrary HTTP headers and
conduct HTTP response splitting attacks via unspecified vectors.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchjetty< 6.1.6UNKNOWN

Related

openvas 10
fedora 2
nessus 5
redhatcve 3
cve 3
veracode 3
osv 3
prion 3
cert 3
github 3
ibm 1
openvas
openvas
Fedora Update for jetty FEDORA-2008-6141
2009-02-17 00:00:00
FreeBSD Ports: jetty
2008-09-04 00:00:00
Fedora Update for jetty FEDORA-2008-6141
2009-02-17 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: jetty-5.1.14-1jpp.1.fc8
2008-07-06 06:17:49
[SECURITY] Fedora 9 Update: jetty-5.1.14-1jpp.2.fc9
2008-07-06 06:16:00
nessus
nessus
Fedora 9 : jetty-5.1.14-1jpp.2.fc9 (2008-6141)
2008-07-08 00:00:00
Fedora 8 : jetty-5.1.14-1jpp.1.fc8 (2008-6164)
2008-07-08 00:00:00
FreeBSD : jetty -- multiple vulnerabilities (6ae7cef2-a6ae-11dc-95e6-000c29c5647f)
2007-12-11 00:00:00
redhatcve
redhatcve
CVE-2007-5614
2019-10-04 21:10:06
CVE-2007-5615
2019-10-04 21:10:20
CVE-2007-5613
2019-10-04 21:10:06
cve
cve
CVE-2007-5615
2007-12-05 11:46:00
CVE-2007-5614
2007-12-05 11:46:00
CVE-2007-5613
2007-12-05 11:46:00
veracode
veracode
CRLF Injection
2018-11-12 07:38:30
Session Hijacking
2018-11-15 01:29:46
Cross-Site Scripting (XSS)
2018-11-12 07:10:26
osv
osv
Improper Authentication in Mortbay Jetty
2022-05-01 18:35:01
Mortbay Jetty vulnerable to Cross-site scripting
2022-05-01 18:35:00
Mortbay Jetty CRLF Injection Vulnerability
2022-05-01 18:35:01
prion
prion
Crlf injection
2007-12-05 11:46:00
Cross site scripting
2007-12-05 11:46:00
Hardcoded credentials
2007-12-05 11:46:00
cert
cert
Mortbay Jetty vulnerable to HTTP response splitting
2007-12-04 00:00:00
Mortbay Jetty Dump Servlet vulnerable to cross-site scripting
2007-12-04 00:00:00
Mortbay Jetty fails to properly handle cookies with quotes
2007-12-04 00:00:00
github
github
Mortbay Jetty CRLF Injection Vulnerability
2022-05-01 18:35:01
Improper Authentication in Mortbay Jetty
2022-05-01 18:35:01
Mortbay Jetty vulnerable to Cross-site scripting
2022-05-01 18:35:00
ibm
ibm
Security Bulletin: Provision to add https and Secure Flag to bayeux_browser cookie for IBM Control Desk.
2022-09-19 20:54:31

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.5%

JSON
Related for 6AE7CEF2-A6AE-11DC-95E6-000C29C5647F
openvas10fedora2nessus5redhatcve3cve3veracode3osv3prion3cert3github3ibm1