Information on source package jetty

Available versions

ReleaseVersion
wheezy6.1.26-1
wheezy (security)6.1.26-1+deb7u1
jessie6.1.26-4

Open issues

BugwheezyjessieDescription
CVE-2017-9735fixedvulnerableJetty through 9.4.x is prone to a timing channel in ...

Open unimportant issues

BugwheezyjessieDescription
CVE-2009-3579vulnerablevulnerableCross-site scripting (XSS) vulnerability in the CookieDump.java sample ...

Resolved issues

BugDescription
CVE-2016-4800The path normalization mechanism in PathResource class in Eclipse ...
CVE-2015-2080The exception handling code in Eclipse Jetty before 9.2.9.v20150224 ...
CVE-2011-4461Jetty 8.1.0.RC2 and earlier computes hash values for form parameters ...
CVE-2011-4404The default configuration of the HTTP server in Jetty in vSphere ...
CVE-2009-5049multiple vulnerabilities in jetty
CVE-2009-5048multiple vulnerabilities in jetty
CVE-2009-5047multiple vulnerabilities in jetty
CVE-2009-5046multiple vulnerabilities in jetty
CVE-2009-5045multiple vulnerabilities in jetty
CVE-2009-4612Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP ...
CVE-2009-4611Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing ...
CVE-2009-4610Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty ...
CVE-2009-4609The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote ...
CVE-2009-1524Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before ...
CVE-2009-1523Directory traversal vulnerability in the HTTP server in Mort Bay Jetty ...
CVE-2007-6672Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass ...
CVE-2007-5615CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows ...
CVE-2007-5614Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote ...
CVE-2007-5613Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay ...
CVE-2006-6969Jetty before 4.2.27, 5.1 before 5.1.12, 6.0 before 6.0.2, and 6.1 ...
CVE-2006-2759jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary ...
CVE-2006-2758Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 ...
CVE-2005-3747Unspecified vulnerability in Jetty before 5.1.6 allows remote ...
CVE-2004-2381HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote ...
CVE-2002-1533Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine ...
CVE-2002-1178Directory traversal vulnerability in the CGIServlet for Jetty HTTP ...

Security announcements

DSA / DLADescription
DLA-1020-1jetty - security update

Search for package or bug name: Reporting problems