Sign in Subscribe

← All vendors

Vendor

Mortbay Jetty

Products

1

CVEs

4

Across products

4

Status

Private

Products

1

Jetty
4 CVEs

Recent CVEs

4

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2007-6672		0.00	—	0.01		Jan 8, 2008	Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI.
CVE-2007-5615		0.00	—	0.04		Dec 5, 2007	CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CVE-2007-5613		0.00	—	0.04		Dec 5, 2007	Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
CVE-2007-5614		0.00	—	0.03		Dec 5, 2007	Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.