Lucene search

K

Jetty accepts "+" prefixed value in Content-Length

🗓️ 14 Sep 2023 16:27:17Reported by GitHub Advisory DatabaseType 
github
 github
🔗 github.com👁 29 Views

Jetty allows "+" prefixed Content-Length leading to potential HTTP request smugglin

Show more
Related
Detection
Refs
ReporterTitlePublishedViews
Family
Amazon
Medium: jetty
15 Feb 202403:52
amazon
IBM Security Bulletins
Security Bulletin: Vulnerability in jetty-http affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2023-40167].
9 Feb 202408:57
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability in jetty-http affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-40167]
5 Mar 202411:37
ibm
IBM Security Bulletins
Security Bulletin: IBM Event Streams is vulnerable to HTTP request smuggling (CVE-2023-40167)
15 Mar 202406:17
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability in Apache Solr affects IBM Operations Analytics - Log Analysis (CVE-2023-40167)
15 Mar 202417:41
ibm
IBM Security Bulletins
Security Bulletin: Vulnerability in jetty-http-9.4.51.v20230217.jar affects IBM Integrated Analytics System (Sailfish) [CVE-2023-40167]
31 Oct 202311:23
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow
9 Nov 202319:30
ibm
IBM Security Bulletins
Security Bulletin: There is a vulnerability in jetty-http-9.4.51.v20230217.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-40167 and CVE-2023-36478)
1 Feb 202413:44
ibm
IBM Security Bulletins
Security Bulletin: IBM Operational Decision Manager October 2023 - Multiple CVEs addressed
19 Oct 202311:13
ibm
IBM Security Bulletins
Security Bulletin: There is a vulnerability in jetty-http-9.4.51.v20230217.jar used by IBM Maximo Asset Management application (CVE-2023-40167 and CVE-2023-36478)
17 Jan 202413:19
ibm
Rows per page
Vulners
Node
OR
org.eclipse.jettyjetty-httpRange11.0.011.0.15
OR
org.eclipse.jettyjetty-httpRange10.0.010.0.15
OR
org.eclipse.jettyjetty-httpRange9.0.09.4.51

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
14 Sep 2023 16:17Current
6.7Medium risk
Vulners AI Score6.7
EPSS0.001
29
.json
Report