Vulnerabilities (CVE)

Filtered by vendor Mortbay Subscribe

Filtered by product Jetty

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2009-5049	2 Debian, Mortbay	2 Debian Linux, Jetty	2019-11-08	4.3 MEDIUM	6.1 MEDIUM
WebApp JSP Snoop page XSS in jetty though 6.1.21.
CVE-2009-5048	1 Mortbay	1 Jetty	2019-11-07	4.3 MEDIUM	6.1 MEDIUM
Cookie Dump Servlet stored XSS vulnerability in jetty though 6.1.20.
CVE-2011-4461	2 Mortbay, Oracle	2 Jetty, Sun Storage Common Array Manager	2019-03-08	5.0 MEDIUM	5.3 MEDIUM
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.