Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetty vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-5615
CRLF injection vulnerability in Mortbay Jetty prior to 6.1.6rc0 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Mortbay Jetty Jetty
6.8
CVSSv2
CVE-2006-6969
Jetty prior to 4.2.27, 5.1 prior to 5.1.12, 6.0 prior to 6.0.2, and 6.1 prior to 6.1.0pre3 generates predictable session identifiers using java.util.random, which makes it easier for remote malicious users to guess a session identifier through brute force attacks, bypass authenti...
Jetty Jetty Http Server 4.2.18
Jetty Jetty Http Server 4.2.19
Jetty Jetty Http Server 4.2.12
Jetty Jetty Http Server 4.2.14
Jetty Jetty Http Server 5.1.11
Jetty Jetty Http Server 6.0.1
Jetty Jetty Http Server 4.2.15
Jetty Jetty Http Server 4.2.16
Jetty Jetty Http Server 4.2.17
Jetty Jetty Http Server 6.1.0 Pre2
Jetty Jetty Http Server 4.2.11
Jetty Jetty Http Server 4.2.24
Jetty Jetty Http Server 4.2.9
5
CVSSv2
CVE-2006-2759
jetty 6.0.x (jetty6) beta16 allows remote malicious users to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations.
Jetty Jetty 6.0 Beta 16
5
CVSSv2
CVE-2006-2758
Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote malicious users to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. NOTE: this might be the same issue as CVE-2005-3747.
Jetty Jetty 6.0
1 EDB exploit
5
CVSSv2
CVE-2005-3747
Unspecified vulnerability in Jetty prior to 5.1.6 allows remote malicious users to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash ("%5C") characters. NOTE: this might be the same issue as CVE-2006-2758.
Mortbay Jetty 1.0.1
Mortbay Jetty 1.1
Mortbay Jetty 3.0.a9
Mortbay Jetty 3.0.a4
Mortbay Jetty 3.0.a1
Mortbay Jetty 3.0.0
Mortbay Jetty 2.1.b0
Mortbay Jetty 2.1.1
Mortbay Jetty 2.1.6
Mortbay Jetty 2.2
Mortbay Jetty 1.3.1
Mortbay Jetty 1.3.2
Mortbay Jetty 2.0
Mortbay Jetty 2.0.0
Mortbay Jetty 2.4.1
Mortbay Jetty 2.4.0
Mortbay Jetty 3.0.a92
Mortbay Jetty 3.0.a91
Mortbay Jetty 2.2.0
Mortbay Jetty 2.2.7
Mortbay Jetty 2.2.8
Mortbay Jetty 4.2.21
1 EDB exploit
7.5
CVSSv2
CVE-2004-2478
Unspecified vulnerability in Jetty HTTP Server, as used in (1) IBM Trading Partner Interchange prior to 4.2.4, (2) CA Unicenter Web Services Distributed Management (WSDM) prior to 3.11, and possibly other products, allows remote malicious users to read arbitrary files via a .. (d...
Ibm Trading Partner Interchange 4.2.1
Jetty Jetty Http Server 4.2.14
Jetty Jetty Http Server 4.2.15
Jetty Jetty Http Server 4.2.6
Jetty Jetty Http Server 4.2.7
Jetty Jetty Http Server 4.2.11
Jetty Jetty Http Server 4.2.12
Jetty Jetty Http Server 4.2.4
Jetty Jetty Http Server 4.2.5
Jetty Jetty Http Server 3.1.6
Jetty Jetty Http Server 3.1.7
Jetty Jetty Http Server 4.1.0
Jetty Jetty Http Server 4.2.16
Jetty Jetty Http Server 4.2.17
Jetty Jetty Http Server 4.2.9
Ca Unicenter Web Services Distributed Management
Jetty Jetty Http Server 4.1.0 Rc4
Jetty Jetty Http Server 4.1.1
Jetty Jetty Http Server 4.2.18
Jetty Jetty Http Server 4.2.19
Ibm Trading Partner Interchange
5
CVSSv2
CVE-2004-2381
HttpRequest.java in Jetty HTTP Server prior to 4.2.19 allows remote malicious users to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length.
Jetty Jetty Http Server 4.0.1
Jetty Jetty Http Server 4.0.1 Rc0
Jetty Jetty Http Server 4.0.6
Jetty Jetty Http Server 4.0.b0
Jetty Jetty Http Server 4.0.d4
Jetty Jetty Http Server 4.0 Rc1
Jetty Jetty Http Server 4.0 Rc2
Jetty Jetty Http Server 4.0.0
Jetty Jetty Http Server 4.0.4
Jetty Jetty Http Server 4.0.5
Jetty Jetty Http Server 4.0.d2
Jetty Jetty Http Server 4.0.d3
Jetty Jetty Http Server 4.1.0 Rc2
Jetty Jetty Http Server 4.1.0 Rc3
Jetty Jetty Http Server 4.1.4
Jetty Jetty Http Server 4.1.b0
Jetty Jetty Http Server 4.2.0 Rc0
Jetty Jetty Http Server 4.2.0 Rc1
Jetty Jetty Http Server 4.2.1
Jetty Jetty Http Server 4.2.14 Rc0
Jetty Jetty Http Server 4.2.14 Rc1
Jetty Jetty Http Server 4.2.3
5
CVSSv2
CVE-2003-0083
Apache 1.3 prior to 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for malicious users to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences,...
Apache Http Server
5.8
CVSSv2
CVE-2002-1533
Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote malicious users to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a).
Jetty Jetty 4.1.0 Rc4
1 EDB exploit
5
CVSSv2
CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for malicious users to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
Apache Http Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »