Lucene search
GitHub Advisory DatabaseGHSA-CWQ3-QP8V-W8Q3HistoryMay 01, 2022 - 2:20 a.m.
Mortbay Jetty Discloses JSP Source Code
2022-05-0102:20:38
CWE-200
GitHub Advisory Database
github.com
3
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.011 Low
EPSS
Percentile
84.2%
Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash (%5C) characters. NOTE: this might be the same issue as CVE-2006-2758.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.mortbay.jetty:jetty | lt | 5.1.6 |
Related
github
github
Jetty Directory Traversal Vulnerability
2022-05-01 07:02:10
cve
cve
CVE-2006-2758
2006-06-02 01:02:00
CVE-2005-3747
2005-11-22 11:03:00
prion
prion
Directory traversal
2006-06-02 01:02:00
osv
osv
Mortbay Jetty Discloses JSP Source Code
2022-05-01 02:20:38
Jetty Directory Traversal Vulnerability
2022-05-01 07:02:10
veracode
veracode
Directory Traversal
2018-11-14 00:52:53
Directory Traversal
2018-11-13 07:08:22
nessus
nessus
HP-UX PHSS_35437 : s700_800 11.04 Webproxy server 2.1 (Apache 2.x) update
2006-11-22 00:00:00
HP-UX PHSS_35436 : s700_800 11.04 Virtualvault 4.7 OWS (Apache 2.x) update
2006-11-22 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.011 Low
EPSS
Percentile
84.2%
Related for GHSA-CWQ3-QP8V-W8Q3