Jetty WEB-INF File Disclosure

Jetty suffers from a vulnerability where certain encoded URIs and ambiguous paths can access protected files in the WEB-INF folder. Versions effected are: 9.4.37.v20210219, 9.4.38.v20210224 and 9.4.37-9.4.42, 10.0.1-10.0.5, 11.0.1-11.0.5. Exploitation can obtain any file in the WEB-INF folder, bu...

Jetty 9.4.37.v20210219 - Information Disclosure

Exploit Title: Jetty 9.4.37.v20210219 - Information Disclosure Date: 2021-10-21 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.eclipse.org/jetty/ Software Link: https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.37.v20210219/ Version: 9.4.37.v20210219 and...

Eclipse Jetty Information Disclosure Vulnerability (GHSA-vjv5-gp2w-65vm) - Linux

Eclipse Jetty is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty"...