VYPR
Medium severity5.3NVD Advisory· Published Apr 22, 2019· Updated Jun 17, 2026

CVE-2019-10246

CVE-2019-10246

Description

In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.eclipse.jetty:jetty-serverMaven
>= 9.2.0, < 9.2.28.v201904189.2.28.v20190418
org.eclipse.jetty:jetty-serverMaven
>= 9.3.0, < 9.3.27.v201904189.3.27.v20190418
org.eclipse.jetty:jetty-serverMaven
>= 9.4.0, < 9.4.17.v201904189.4.17.v20190418

Affected products

2

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.