Lucene search

K
osvGoogleOSV:CVE-2017-9735
HistoryJun 16, 2017 - 9:29 p.m.

CVE-2017-9735

2017-06-1621:29:00
Google
osv.dev
5

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

69.6%

Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.

References