50 matches found
EUVD-2022-3184
Malicious code in bioql PyPI...
EUVD-2022-3299
Malicious code in bioql PyPI...
EUVD-2022-3840
Malicious code in bioql PyPI...
EUVD-2022-2400
Malicious code in bioql PyPI...
SUSE CVE-2007-5615
CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
Mortbay Jetty Double Slash URI Information Disclosure Vulnerability
Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple / slash characters in the URI...
GHSA-966R-962G-2JQ5 Mortbay Jetty CRLF Injection Vulnerability
CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
GHSA-FVH3-4V5R-CVVC Improper Authentication in Mortbay Jetty
Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors...
Improper Authentication in Mortbay Jetty
Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors...
ai.catboost:catboost-spark_2.11 (>=0.25-rc1 <=0.25-rc3), ai.catboost:catboost-spark_2.12 (>=0.25-rc1 <=0.25-rc3) +4643 more potentially affected by CVE-2007-5613 via org.mortbay.jetty:jetty (>=6.0.0 <=6.1.5rc0)
org.mortbay.jetty:jetty MAVEN version =6.0.0, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =0.6.0, =3.20.0.2, =3.20.0.2, =3.20.0.2, =3.20.0.2, =3.8.3.3, =3.42.0.4 and more Source cves: CVE-2007-5613 Source advisory: OSV:GHSA-8H77-9VH5-HW5G...
GHSA-8H77-9VH5-HW5G Mortbay Jetty vulnerable to Cross-site scripting
Cross-site scripting XSS vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies...
Mortbay Jetty vulnerable to Cross-site scripting
Cross-site scripting XSS vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies...
GHSA-MQ4X-8WHH-JX73 Improper Input Validation in Mortbay Jetty
jetty 6.0.x jetty6 beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations...
Improper Input Validation in Mortbay Jetty
jetty 6.0.x jetty6 beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations...
GHSA-CWQ3-QP8V-W8Q3 Mortbay Jetty Discloses JSP Source Code
Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash %5C characters. NOTE: this might be the same issue as CVE-2006-2758...
Mortbay Jetty Discloses JSP Source Code
Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash %5C characters. NOTE: this might be the same issue as CVE-2006-2758...
CVE-2007-5615
CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
CVE-2007-5614
Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors...
CVE-2007-5613
Cross-site scripting XSS vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies...
Session Hijacking
Mortbay Jetty is vulnerable to session hijacking. Certain quote sequences in the HTML cookie parameters are not properly handled and allows remote attackers to hijack browser sessions...