Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetty vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5613
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty prior to 6.1.6rc1 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters and cookies.
Mortbay Jetty Jetty 4.0
Mortbay Jetty Jetty 4.1
Mortbay Jetty Jetty 3.0
Mortbay Jetty Jetty 3.1
Mortbay Jetty Jetty 1.0
Mortbay Jetty Jetty 4.2
Mortbay Jetty Jetty 5
Mortbay Jetty Jetty 2.4
Mortbay Jetty Jetty 6
Mortbay Jetty Jetty 5.1
Mortbay Jetty Jetty 6.1
NA
CVE-2007-5614
Mortbay Jetty prior to 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote malicious users to hijack browser sessions via unspecified vectors.
Mortbay Jetty Jetty 4.0
Mortbay Jetty Jetty 4.1
Mortbay Jetty Jetty 3.0
Mortbay Jetty Jetty 3.1
Mortbay Jetty Jetty 1.0
Mortbay Jetty Jetty 4.2
Mortbay Jetty Jetty 5
Mortbay Jetty Jetty 2.4
Mortbay Jetty Jetty 6
Mortbay Jetty Jetty 5.1
Mortbay Jetty Jetty 6.1
NA
CVE-2004-2381
HttpRequest.java in Jetty HTTP Server prior to 4.2.19 allows remote malicious users to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length.
Jetty Jetty Http Server 4.1.0 Rc4
Jetty Jetty Http Server 4.0.b2
Jetty Jetty Http Server 4.0 Rc2
Jetty Jetty Http Server 4.2.11
Jetty Jetty Http Server 4.2.10
Jetty Jetty Http Server 4.1.b0
Jetty Jetty Http Server 4.1.0 Rc5
Jetty Jetty Http Server 4.0.d2
Jetty Jetty Http Server 4.1.d1
Jetty Jetty Http Server 4.2.3
Jetty Jetty Http Server 4.1.3
Jetty Jetty Http Server 4.0.2
Jetty Jetty Http Server 4.0 Rc1
Jetty Jetty Http Server 4.2.9 Rc1
Jetty Jetty Http Server 4.2.12
Jetty Jetty Http Server 4.1.0 Rc2
Jetty Jetty Http Server 4.0.1 Rc2
Jetty Jetty Http Server 4.2.9 Rc2
Jetty Jetty Http Server 4.2.7
Jetty Jetty Http Server 4.0.d1
Jetty Jetty Http Server 4.0.b1
Jetty Jetty Http Server 4.2.18
NA
CVE-2006-6969
Jetty prior to 4.2.27, 5.1 prior to 5.1.12, 6.0 prior to 6.0.2, and 6.1 prior to 6.1.0pre3 generates predictable session identifiers using java.util.random, which makes it easier for remote malicious users to guess a session identifier through brute force attacks, bypass authenti...
Jetty Jetty Http Server 4.2.11
Jetty Jetty Http Server 6.1.0 Pre2
Jetty Jetty Http Server 4.2.12
Jetty Jetty Http Server 5.1.11
Jetty Jetty Http Server 4.2.18
Jetty Jetty Http Server 6.0.1
Jetty Jetty Http Server 4.2.19
Jetty Jetty Http Server 4.2.16
Jetty Jetty Http Server 4.2.15
Jetty Jetty Http Server 4.2.9
Jetty Jetty Http Server 4.2.14
Jetty Jetty Http Server 4.2.17
Jetty Jetty Http Server 4.2.24
5.3
CVSSv3
CVE-2011-4461
Jetty 8.1.0.RC2 and previous versions computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted parameters.
Oracle Sun Storage Common Array Manager 6.9.0
Mortbay Jetty 1.0.1
Mortbay Jetty 6.1.5
Mortbay Jetty 6.1.0
Mortbay Jetty 6.1.12
Mortbay Jetty 4.2.25
Mortbay Jetty 5.1.3
Mortbay Jetty 6.0.0
Mortbay Jetty 1.3.1
Mortbay Jetty 3.0.a3
Mortbay Jetty 1.3.4
Mortbay Jetty 4.2.22
Mortbay Jetty 3.1.8
Mortbay Jetty 3.0.a0
Mortbay Jetty 6.1.15
Mortbay Jetty 4.2.1
Mortbay Jetty 2.0.4
Mortbay Jetty 2.2
Mortbay Jetty 2.2.8
Mortbay Jetty 7.0.0
Mortbay Jetty 5.1.2
Mortbay Jetty 5.1.5
1 Article
NA
CVE-2005-3747
Unspecified vulnerability in Jetty prior to 5.1.6 allows remote malicious users to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash ("%5C") characters. NOTE: this might be the same issue as CVE-2006-2758.
Mortbay Jetty 1.0.1
Mortbay Jetty 4.2.25
Mortbay Jetty 5.1.3
Mortbay Jetty 1.3.1
Mortbay Jetty 3.0.a3
Mortbay Jetty 1.3.4
Mortbay Jetty 4.2.22
Mortbay Jetty 3.1.8
Mortbay Jetty 3.0.a0
Mortbay Jetty 4.2.1
Mortbay Jetty 2.0.4
Mortbay Jetty 2.2
Mortbay Jetty 2.2.8
Mortbay Jetty 5.1.2
Mortbay Jetty 5.1.5
Mortbay Jetty 3.0.a95
Mortbay Jetty 4.2.9
Mortbay Jetty 3.0.0
Mortbay Jetty 5.0
Mortbay Jetty 2.1.1
Mortbay Jetty 3.0.a97
Mortbay Jetty 2.0
1 EDB exploit
NA
CVE-2004-2478
Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM Trading Partner Interchange prior to 4.2.4, (2) CA Unicenter Web Services Distributed Management (WSDM) prior to 3.11, and possibly other products, allows remote malicious users to read arbitrary files via a .. (d...
Ibm Trading Partner Interchange 4.2.1
Jetty Jetty Http Server 4.1.0 Rc4
Jetty Jetty Http Server 4.2.11
Jetty Jetty Http Server 4.2.12
Jetty Jetty Http Server 4.2.7
Jetty Jetty Http Server 4.2.18
Jetty Jetty Http Server 4.2.5
Jetty Jetty Http Server 4.2.19
Jetty Jetty Http Server 4.2.16
Jetty Jetty Http Server 4.1.0
Jetty Jetty Http Server 4.2.4
Ibm Trading Partner Interchange
Ca Unicenter Web Services Distributed Management
Jetty Jetty Http Server 4.2.15
Jetty Jetty Http Server 3.1.7
Jetty Jetty Http Server 4.2.9
Jetty Jetty Http Server 4.2.6
Jetty Jetty Http Server 3.1.6
Jetty Jetty Http Server 4.2.14
Jetty Jetty Http Server 4.1.1
Jetty Jetty Http Server 4.2.17
7.5
CVSSv3
CVE-2018-12545
In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory al...
Eclipse Jetty 9.3.0
Eclipse Jetty 9.3.4
Eclipse Jetty 9.3.7
Eclipse Jetty 9.3.8
Eclipse Jetty 9.3.1
Eclipse Jetty 9.3.2
Eclipse Jetty 9.3.3
Eclipse Jetty 9.3.5
Eclipse Jetty 9.3.6
Eclipse Jetty 9.3.9
Eclipse Jetty 9.3.10
Eclipse Jetty 9.3.11
Eclipse Jetty 9.3.12
Eclipse Jetty 9.3.13
Eclipse Jetty 9.3.14
Eclipse Jetty 9.3.15
Eclipse Jetty 9.3.16
Eclipse Jetty 9.3.17
Eclipse Jetty 9.3.18
Eclipse Jetty 9.3.19
Eclipse Jetty 9.3.20
Eclipse Jetty 9.3.21
NA
CVE-2009-1523
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x prior to 6.1.17, and 7.x up to and including 7.0.0.M2 allows remote malicious users to access arbitrary files via directory traversal sequences in the URI.
Mortbay Jetty 1.0.1
Mortbay Jetty 6.1.5
Mortbay Jetty 6.1.0
Mortbay Jetty 6.1.12
Mortbay Jetty 4.2.25
Mortbay Jetty 5.1.3
Mortbay Jetty 6.0.0
Mortbay Jetty 1.3.1
Mortbay Jetty 3.0.a3
Mortbay Jetty 1.3.4
Mortbay Jetty 4.2.22
Mortbay Jetty 3.1.8
Mortbay Jetty 3.0.a0
Mortbay Jetty 6.1.15
Mortbay Jetty 4.2.1
Mortbay Jetty 2.0.4
Mortbay Jetty
Mortbay Jetty 2.2
Mortbay Jetty 2.2.8
Mortbay Jetty 7.0.0
Mortbay Jetty 5.1.2
Mortbay Jetty 5.1.5
2 EDB exploits
NA
CVE-2009-1524
Cross-site scripting (XSS) vulnerability in Mort Bay Jetty prior to 6.1.17 allows remote malicious users to inject arbitrary web script or HTML via a directory listing request containing a ; (semicolon) character.
Mortbay Jetty 1.0.1
Mortbay Jetty 6.1.5
Mortbay Jetty 6.1.0
Mortbay Jetty 6.1.12
Mortbay Jetty 4.2.25
Mortbay Jetty 5.1.3
Mortbay Jetty 6.0.0
Mortbay Jetty 1.3.1
Mortbay Jetty 3.0.a3
Mortbay Jetty 1.3.4
Mortbay Jetty 4.2.22
Mortbay Jetty 3.1.8
Mortbay Jetty 3.0.a0
Mortbay Jetty 6.1.15
Mortbay Jetty 4.2.1
Mortbay Jetty 2.0.4
Mortbay Jetty 2.2
Mortbay Jetty 2.2.8
Mortbay Jetty 5.1.2
Mortbay Jetty 5.1.5
Mortbay Jetty 5.1.13
Mortbay Jetty 3.0.a95
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »