Moderate severityNVD Advisory· Published Jan 8, 2008· Updated Jun 16, 2026
CVE-2007-6672
CVE-2007-6672
Description
Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.mortbay.jetty:jettyMaven | >= 6.1.5, < 6.1.7 | 6.1.7 |
Affected products
3Patches
Vulnerability mechanics
References
15- secunia.com/advisories/28322nvdVendor Advisory
- github.com/advisories/GHSA-4jjw-xrr6-9v3pghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2007-6672ghsaADVISORY
- www.kb.cert.org/vuls/id/553235nvdUS Government Resource
- web.archive.org/web/20080113051254/http://www.kb.cert.org/vuls/id/553235ghsaWEB
- web.archive.org/web/20080120225723/http://jira.codehaus.org/browse/JETTY-386ghsaWEB
- web.archive.org/web/20080120225728/http://jira.codehaus.org/browse/JETTY/fixforversion/13950ghsaWEB
- web.archive.org/web/20080517012615/http://www.securityfocus.com/bid/27117ghsaWEB
- jira.codehaus.org/browse/JETTY-386nvd
- jira.codehaus.org/browse/JETTY/fixforversion/13950nvd
- osvdb.org/39855nvd
- secunia.com/advisories/28547nvd
- www.igniterealtime.org/community/message/163752nvd
- www.securityfocus.com/bid/27117nvd
- www.vupen.com/english/advisories/2008/0079nvd
News mentions
0No linked articles in our index yet.