mortbay_jetty CVE Vulnerabilities & CVE List (4)

Products (CPE): — CVEs: 4

mortbay_jetty vulnerability overview

Aggregates CVE and security vulnerability intelligence across all mortbay_jetty-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk cross-site scripting and vendor risk path handling and related problems; some flaws may lead to vendor impact file overwrite and vendor impact session compromise.

Vulnerability distribution trend (last 24 months)

Showing 14 of 4 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2007-6672 Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI. [email protected] 5.0 1.11% 2008-01-08 2026-04-23
CVE-2007-5615 CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. [email protected] 5.0 3.98% 2007-12-05 2026-04-23
CVE-2007-5614 Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors. [email protected] 7.5 3.49% 2007-12-05 2026-04-23
CVE-2007-5613 Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies. [email protected] 4.3 3.89% 2007-12-05 2026-04-23
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence