suse · CVE-2005-3747

Quick triage

Priority: medium Published: 2023-04-20 01:49:10 UTC Updated: 2023-07-25 02:01:12 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2005-3747 severity moderate: SUSE including 8 source package names (jetty-http, jetty-io, …), 89 product×package rows across 12 product lines (SUSE Enterprise Storage 7, SUSE Enterprise Storage 7.1, … (12 product lines)): Known Not Affected 89.

Description:

Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash ("%5C") characters. NOTE: this might be the same issue as CVE-2006-2758.

cvelogic Threat Intelligence