EUVD-2004-2469

Malware in sbrugna...

EUVD-2022-1793

Malicious code in bioql PyPI...

Denial Of Service (DoS)

Jetty HTTP Server is vulnerable to denial of service. HTTP requests are not properly validated, which allows for a remote attacker to cause the application to crash via a large value in the Content-Length header...

Moderate: Red Hat Security Advisory: Fuse MQ Enterprise 7.1.0 update

Fuse MQ Enterprise 7.1.0, which fixes one security issue, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, whi...

[SECURITY] Fedora 16 Update: jetty-6.1.26-8.fc16

Jetty is a 100% Java HTTP Server and Servlet Container. This means that you do not need to configure and run a separate web server like Apache in order to use java, servlets and JSPs to generate dynamic content. Jetty is a fully featured web server for static and dynamic content. Unlike separate...

CVE-2011-4404

The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to...

CVE-2011-4404

The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to...

Jetty HTTP server directory traversal vulnerability

Overview A vulnerability in the Jetty HTTP server could allow a remote attacker to gain access to files outside of the normal document tree. Description Jetty provides an HTTP server, HTTP client, and javax.servlet container. An error in the way canonical paths are interpreted in the HTTP server'...

[SECURITY] Fedora 9 Update: jetty-5.1.14-1jpp.2.fc9

Jetty is a 100% Java HTTP Server and Servlet Container. This means that you do not need to configure and run a separate web server like Apache in order to use java, servlets and JSPs to generate dynamic content. Jetty is a fully featured web server for static and dynamic content. Unlike separate...

CVE-2004-2478

Unspecified vulnerability in Jetty HTTP Server, as used in 1 IBM Trading Partner Interchange before 4.2.4, 2 CA Unicenter Web Services Distributed Management WSDM before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. dot dot in the URL...

CVE-2004-2478

The CVE-2004-2478 entry concerns Jetty HTTP Server in affected products (IBM Trading Partner Interchange < 4.2.4; CA Unicenter Web Services Distributed Management

CVE-2004-2381

HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service memory usage and application crash via HTTP requests with a large Content-Length...

CVE-2004-2381

CVE-2004-2381 affects the Jetty HTTP Server prior to 4.2.19. The vulnerability arises in HttpRequest.java handling of HTTP requests with a large Content-Length, allowing remote attackers over the network to cause memory usage growth and a denial of service (application crash). Affected products a...

CVE-2004-2478

Unspecified vulnerability in Jetty HTTP Server, as used in 1 IBM Trading Partner Interchange before 4.2.4, 2 CA Unicenter Web Services Distributed Management WSDM before 3.11, and possibly other products, allows remote attackers to read arbitrary files via a .. dot dot in the URL...

CVE-2004-2381

HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service memory usage and application crash via HTTP requests with a large Content-Length...

CVE-2002-1178

Directory traversal vulnerability in the CGIServlet for Jetty HTTP server before 4.1.0 allows remote attackers to execute arbitrary commands via ..\ dot-dot backslash sequences in an HTTP request to the cgi-bin directory...

CVE-2002-1178

The CVE-2002-1178 entry concerns a directory traversal vulnerability in the Jetty HTTP server’s CGIServlet (affected: Jetty CGIServlet prior to 4.1.0). An attacker can craft requests to the cgi-bin directory using ..\ sequences to trigger arbitrary command execution. The provided documents identi...

CVE-2002-1178

Directory traversal vulnerability in the CGIServlet for Jetty HTTP server before 4.1.0 allows remote attackers to execute arbitrary commands via ..\ dot-dot backslash sequences in an HTTP request to the cgi-bin directory...